From d6a260084b9ef071b8d9102fd42947ed29d884de Mon Sep 17 00:00:00 2001 From: Berend Sliedrecht Date: Tue, 9 Jul 2024 11:44:04 +0200 Subject: [PATCH] feat: basic schema validation for spec-defined objects Signed-off-by: Berend Sliedrecht --- .github/workflows/pipeline.yaml | 11 +- .npmrc | 1 - package.json | 16 +- .../__tests__/fixtures/constraintsFigure17.ts | 8 + .../fixtures/entityConfigurationFigure18.ts | 23 + .../fixtures/entityConfigurationFigure43.ts | 42 ++ .../fixtures/entityConfigurationFigure50.ts | 40 ++ .../fixtures/entityConfigurationFigure52.ts | 25 + .../fixtures/entityConfigurationFigure56.ts | 25 + .../fixtures/entityConfigurationFigure60.ts | 21 + .../fixtures/entityConfigurationFigure69.ts | 35 ++ .../fixtures/entityConfigurationFigure8.ts | 31 + .../fixtures/entityConfigurationFigure9.ts | 49 ++ .../fixtures/entityStatementFigure2.ts | 52 ++ .../fixtures/entityStatementFigure26.ts | 34 ++ .../fixtures/entityStatementFigure54.ts | 35 ++ .../fixtures/entityStatementFigure58.ts | 30 + .../fixtures/entityStatementFigure62.ts | 29 + .../fixtures/entityStatementFigure70.ts | 48 ++ .../federationEntityMetadataFigure7.ts | 8 + .../__tests__/fixtures/metadataFigure63.ts | 18 + .../fixtures/trustMarkClaimsFigure19.ts | 11 + .../fixtures/trustMarkClaimsFigure21.ts | 15 + .../fixtures/trustMarkClaimsFigure22.ts | 8 + .../fixtures/trustMarkClaimsFigure23.ts | 8 + .../fixtures/trustMarkClaimsFigure24.ts | 7 + .../fixtures/trustMarkIssuersFigure4.ts | 4 + .../fixtures/trustMarkOwnersFigure3.ts | 17 + .../fixtures/trustmarkClaimsFigure20.ts | 9 + packages/core/__tests__/schemas.test.ts | 146 +++++ packages/core/package.json | 22 + packages/core/src/constraints.ts | 27 + packages/core/src/entityConfiguration.ts | 9 + packages/core/src/entityStatement.ts | 27 + .../src/index.ts | 0 packages/core/src/jsonWeb/index.ts | 3 + packages/core/src/jsonWeb/jsonWebKey.ts | 13 + packages/core/src/jsonWeb/jsonWebKeySet.ts | 8 + packages/core/src/jsonWeb/jsonWebToken.ts | 29 + packages/core/src/metadata/common.ts | 16 + .../src/metadata/entity/federationEntity.ts | 22 + packages/core/src/metadata/entity/index.ts | 6 + .../entity/oauthAuthorizationServer.ts | 13 + .../core/src/metadata/entity/oauthClient.ts | 11 + .../core/src/metadata/entity/oauthResource.ts | 13 + .../src/metadata/entity/openIdProvider.ts | 24 + .../src/metadata/entity/openIdRelyingParty.ts | 16 + .../src/metadata/entity/utils/createEntity.ts | 19 + .../core/src/metadata/entity/utils/index.ts | 1 + packages/core/src/metadata/index.ts | 4 + packages/core/src/metadata/metadata.ts | 21 + packages/core/src/metadata/metadataPolicy.ts | 18 + .../operator/MetadataMergeStrategy.ts | 26 + .../src/metadata/operator/MetadataOperator.ts | 12 + .../operator/MetadataOrderOfApplication.ts | 9 + packages/core/src/metadata/operator/index.ts | 5 + .../src/metadata/operator/standard/add.ts | 24 + .../src/metadata/operator/standard/default.ts | 28 + .../metadata/operator/standard/essential.ts | 23 + .../src/metadata/operator/standard/index.ts | 7 + .../src/metadata/operator/standard/oneOf.ts | 20 + .../metadata/operator/standard/subsetOf.ts | 24 + .../metadata/operator/standard/supersetOf.ts | 24 + .../src/metadata/operator/standard/value.ts | 29 + .../utils/createPolicyOperatorSchema.ts | 20 + .../core/src/metadata/operator/utils/index.ts | 2 + .../metadata/operator/utils/swapValidators.ts | 16 + packages/core/src/metadata/policy.ts | 20 + packages/core/src/trustMark/index.ts | 3 + packages/core/src/trustMark/trustMark.ts | 21 + .../core/src/trustMark/trustMarkIssuer.ts | 5 + packages/core/src/trustMark/trustMarkOwner.ts | 12 + packages/core/src/utils/dateSchema.ts | 3 + packages/core/src/utils/index.ts | 1 + .../tsconfig.json | 2 +- .../__tests__/example.test.ts | 8 - packages/openid-federation-fetch/package.json | 17 - .../openid-federation-fetch/tsconfig.json | 7 - .../__tests__/example.test.ts | 8 - .../openid-federation-policies/package.json | 18 - .../openid-federation-policies/src/index.ts | 0 .../__tests__/example.test.ts | 8 - .../package.json | 17 - .../src/index.ts | 0 .../tsconfig.json | 7 - .../__tests__/example.test.ts | 8 - .../openid-federation-registry/package.json | 17 - .../openid-federation-registry/src/index.ts | 0 .../openid-federation-registry/tsconfig.json | 7 - .../__tests__/example.test.ts | 8 - .../package.json | 17 - .../src/index.ts | 0 .../tsconfig.json | 7 - .../__tests__/example.test.ts | 8 - .../openid-federation-resolver/package.json | 17 - .../openid-federation-resolver/src/index.ts | 0 .../openid-federation-resolver/tsconfig.json | 7 - pnpm-lock.yaml | 547 ++++++------------ pnpm-workspace.yaml | 2 +- 99 files changed, 1635 insertions(+), 564 deletions(-) delete mode 100644 .npmrc create mode 100644 packages/core/__tests__/fixtures/constraintsFigure17.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure18.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure43.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure50.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure52.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure56.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure60.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure69.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure8.ts create mode 100644 packages/core/__tests__/fixtures/entityConfigurationFigure9.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure2.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure26.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure54.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure58.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure62.ts create mode 100644 packages/core/__tests__/fixtures/entityStatementFigure70.ts create mode 100644 packages/core/__tests__/fixtures/federationEntityMetadataFigure7.ts create mode 100644 packages/core/__tests__/fixtures/metadataFigure63.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkClaimsFigure19.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkClaimsFigure21.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkClaimsFigure22.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkClaimsFigure23.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkClaimsFigure24.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkIssuersFigure4.ts create mode 100644 packages/core/__tests__/fixtures/trustMarkOwnersFigure3.ts create mode 100644 packages/core/__tests__/fixtures/trustmarkClaimsFigure20.ts create mode 100644 packages/core/__tests__/schemas.test.ts create mode 100644 packages/core/package.json create mode 100644 packages/core/src/constraints.ts create mode 100644 packages/core/src/entityConfiguration.ts create mode 100644 packages/core/src/entityStatement.ts rename packages/{openid-federation-fetch => core}/src/index.ts (100%) create mode 100644 packages/core/src/jsonWeb/index.ts create mode 100644 packages/core/src/jsonWeb/jsonWebKey.ts create mode 100644 packages/core/src/jsonWeb/jsonWebKeySet.ts create mode 100644 packages/core/src/jsonWeb/jsonWebToken.ts create mode 100644 packages/core/src/metadata/common.ts create mode 100644 packages/core/src/metadata/entity/federationEntity.ts create mode 100644 packages/core/src/metadata/entity/index.ts create mode 100644 packages/core/src/metadata/entity/oauthAuthorizationServer.ts create mode 100644 packages/core/src/metadata/entity/oauthClient.ts create mode 100644 packages/core/src/metadata/entity/oauthResource.ts create mode 100644 packages/core/src/metadata/entity/openIdProvider.ts create mode 100644 packages/core/src/metadata/entity/openIdRelyingParty.ts create mode 100644 packages/core/src/metadata/entity/utils/createEntity.ts create mode 100644 packages/core/src/metadata/entity/utils/index.ts create mode 100644 packages/core/src/metadata/index.ts create mode 100644 packages/core/src/metadata/metadata.ts create mode 100644 packages/core/src/metadata/metadataPolicy.ts create mode 100644 packages/core/src/metadata/operator/MetadataMergeStrategy.ts create mode 100644 packages/core/src/metadata/operator/MetadataOperator.ts create mode 100644 packages/core/src/metadata/operator/MetadataOrderOfApplication.ts create mode 100644 packages/core/src/metadata/operator/index.ts create mode 100644 packages/core/src/metadata/operator/standard/add.ts create mode 100644 packages/core/src/metadata/operator/standard/default.ts create mode 100644 packages/core/src/metadata/operator/standard/essential.ts create mode 100644 packages/core/src/metadata/operator/standard/index.ts create mode 100644 packages/core/src/metadata/operator/standard/oneOf.ts create mode 100644 packages/core/src/metadata/operator/standard/subsetOf.ts create mode 100644 packages/core/src/metadata/operator/standard/supersetOf.ts create mode 100644 packages/core/src/metadata/operator/standard/value.ts create mode 100644 packages/core/src/metadata/operator/utils/createPolicyOperatorSchema.ts create mode 100644 packages/core/src/metadata/operator/utils/index.ts create mode 100644 packages/core/src/metadata/operator/utils/swapValidators.ts create mode 100644 packages/core/src/metadata/policy.ts create mode 100644 packages/core/src/trustMark/index.ts create mode 100644 packages/core/src/trustMark/trustMark.ts create mode 100644 packages/core/src/trustMark/trustMarkIssuer.ts create mode 100644 packages/core/src/trustMark/trustMarkOwner.ts create mode 100644 packages/core/src/utils/dateSchema.ts create mode 100644 packages/core/src/utils/index.ts rename packages/{openid-federation-policies => core}/tsconfig.json (80%) delete mode 100644 packages/openid-federation-fetch/__tests__/example.test.ts delete mode 100644 packages/openid-federation-fetch/package.json delete mode 100644 packages/openid-federation-fetch/tsconfig.json delete mode 100644 packages/openid-federation-policies/__tests__/example.test.ts delete mode 100644 packages/openid-federation-policies/package.json delete mode 100644 packages/openid-federation-policies/src/index.ts delete mode 100644 packages/openid-federation-registry-policies/__tests__/example.test.ts delete mode 100644 packages/openid-federation-registry-policies/package.json delete mode 100644 packages/openid-federation-registry-policies/src/index.ts delete mode 100644 packages/openid-federation-registry-policies/tsconfig.json delete mode 100644 packages/openid-federation-registry/__tests__/example.test.ts delete mode 100644 packages/openid-federation-registry/package.json delete mode 100644 packages/openid-federation-registry/src/index.ts delete mode 100644 packages/openid-federation-registry/tsconfig.json delete mode 100644 packages/openid-federation-resolver-policies/__tests__/example.test.ts delete mode 100644 packages/openid-federation-resolver-policies/package.json delete mode 100644 packages/openid-federation-resolver-policies/src/index.ts delete mode 100644 packages/openid-federation-resolver-policies/tsconfig.json delete mode 100644 packages/openid-federation-resolver/__tests__/example.test.ts delete mode 100644 packages/openid-federation-resolver/package.json delete mode 100644 packages/openid-federation-resolver/src/index.ts delete mode 100644 packages/openid-federation-resolver/tsconfig.json diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml index 8e14b04..3966f2f 100644 --- a/.github/workflows/pipeline.yaml +++ b/.github/workflows/pipeline.yaml @@ -37,17 +37,16 @@ jobs: run: pnpm install - name: Check formatting - run: pnpm check-format:ci + run: pnpm check:style - name: Build run: pnpm build - name: Check types - run: pnpm check-types + run: pnpm check:types - # TODO: In pnpm the tests are failing when there is not a node_modules present in the package. Haven't found a fix for it yet. - # - name: Test - # run: pnpm test + - name: Test + run: pnpm test continious-deployment: if: github.event_name == 'workflow_dispatch' @@ -100,4 +99,4 @@ jobs: prerelease: ${{ inputs.release-type == 'alpha' }} token: ${{ secrets.GH_TOKEN }} tag_name: v${{ steps.publish.outputs.LERNA_VERSION }} - name: Release v${{ steps.publish.outputs.LERNA_VERSION }} \ No newline at end of file + name: Release v${{ steps.publish.outputs.LERNA_VERSION }} diff --git a/.npmrc b/.npmrc deleted file mode 100644 index cc8df9d..0000000 --- a/.npmrc +++ /dev/null @@ -1 +0,0 @@ -node-linker=hoisted \ No newline at end of file diff --git a/package.json b/package.json index 094fd60..2cb02ca 100644 --- a/package.json +++ b/package.json @@ -2,32 +2,28 @@ "name": "openid-federation-ts", "private": true, "version": "0.1.0", - "description": "", - "main": "src/index.ts", - "keywords": [], + "description": "Openid Federation implementation", "author": "Animo Solutions", "license": "Apache-2.0", "scripts": { "clean": "rimraf **/build", "clean:deps ": "pnpm clean && rimraf node_modules", "build": "pnpm -r build", - "check-format": "pnpm biome check .", - "check-format:ci": "pnpm biome ci .", - "check-types": "pnpm build --noEmit", - "format": "pnpm check-format --write", + "check:style": "pnpm biome check .", + "check:types": "pnpm build --noEmit", + "format": "pnpm check:style --write --unsafe", "test": "pnpm -r test", "release": "lerna publish" }, "devDependencies": { "@biomejs/biome": "1.8.0", - "rimraf": "^5.0.7", - "tsx": "^4.13.1" + "rimraf": "^5.0.7" }, "pnpm": { "overrides": { "typescript": "~5.3.2", "@types/node": "^20.11.1", - "tsx": "^4.13.1" + "ts-node": "^10.9.2" } } } diff --git a/packages/core/__tests__/fixtures/constraintsFigure17.ts b/packages/core/__tests__/fixtures/constraintsFigure17.ts new file mode 100644 index 0000000..1cb1030 --- /dev/null +++ b/packages/core/__tests__/fixtures/constraintsFigure17.ts @@ -0,0 +1,8 @@ +export const constraintsFigure17 = { + max_path_length: 2, + naming_constraints: { + permitted: ['https://.example.com'], + excluded: ['https://east.example.com'], + }, + allowed_entity_types: ['openid_provider', 'openid_relying_party'], +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure18.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure18.ts new file mode 100644 index 0000000..23bb1de --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure18.ts @@ -0,0 +1,23 @@ +export const entityConfigurationFigure18 = { + iss: 'https://rp.example.it/spid/', + sub: 'https://rp.example.it/spid/', + iat: 1516239022, + exp: 1516298022, + // Added property as the example in the spec is invalid + jwks: { keys: [] }, + trust_marks: [ + { + id: 'https://www.spid.gov.it/certification/rp', + trust_mark: + 'eyJraWQiOiJmdWtDdUtTS3hwWWJjN09lZUk3Ynlya3N5a0E1bDhPb2RFSXVyOHJoNFlBIiwidHlwIjoidHJ1c3QtbWFyaytqd3QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5hZ2lkLmdvdi5pdCIsInN1YiI6Imh0dHBzOi8vcnAuZXhhbXBsZS5pdC9zcGlkIiwiaWF0IjoxNTc5NjIxMTYwLCJpZCI6Imh0dHBzOi8vd3d3LnNwaWQuZ292Lml0L2NlcnRpZmljYXRpb24vcnAiLCJsb2dvX3VyaSI6Imh0dHBzOi8vd3d3LmFnaWQuZ292Lml0L3RoZW1lcy9jdXN0b20vYWdpZC9sb2dvLnN2ZyIsInJlZiI6Imh0dHBzOi8vZG9jcy5pdGFsaWEuaXQvZG9jcy9zcGlkLWNpZS1vaWRjLWRvY3MvaXQvdmVyc2lvbmUtY29ycmVudGUvIn0.AGf5Y4MoJt22rznH4i7Wqpb2EF2LzE6BFEkTzY1dCBMCK-8P_vj4Boz7335pUF45XXr2jx5_waDRgDoS5vOO-wfc0NWb4Zb_T1RCwcryrzV0z3jJICePMPM_1hZnBZjTNQd4EsFNvKmUo_teR2yzAZjguR2Rid30O5PO8kJtGaXDmz-rWaHbmfLhlNGJnqcp9Lo1bhkU_4Cjpn2bdX7RN0JyfHVY5IJXwdxUMENxZd-VtA5QYiw7kPExT53XcJO89ebe_ik4D0dl-vINwYhrIz2RPnqgA1OdbK7jg0vm8Tb3aemRLG7oLntHwqLO-gGYr6evM2_SgqwA0lQ9mB9yhw', + }, + ], + metadata: { + openid_relying_party: { + application_type: 'web', + client_registration_types: ['automatic'], + client_name: 'https://rp.example.it/spid/', + contacts: ['ops@rp.example.it'], + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure43.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure43.ts new file mode 100644 index 0000000..48123da --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure43.ts @@ -0,0 +1,42 @@ +export const entityConfigurationFigure43 = { + iss: 'https://openid.sunet.se', + sub: 'https://openid.sunet.se', + iat: 1516239022, + exp: 1516298022, + metadata: { + federation_entity: { + contacts: ['ops@sunet.se'], + federation_fetch_endpoint: 'https://sunet.se/openid/fedapi', + homepage_uri: 'https://www.sunet.se', + organization_name: 'SUNET', + }, + openid_provider: { + issuer: 'https://openid.sunet.se', + signed_jwks_uri: 'https://openid.sunet.se/jwks.jose', + authorization_endpoint: 'https://openid.sunet.se/authorization', + client_registration_types_supported: ['automatic', 'explicit'], + grant_types_supported: ['authorization_code'], + id_token_signing_alg_values_supported: ['ES256', 'RS256'], + logo_uri: 'https://www.umu.se/img/umu-logo-left-neg-SE.svg', + op_policy_uri: 'https://www.umu.se/en/website/legal-information/', + response_types_supported: ['code'], + subject_types_supported: ['pairwise', 'public'], + token_endpoint: 'https://openid.sunet.se/token', + federation_registration_endpoint: 'https://op.umu.se/openid/fedreg', + token_endpoint_auth_methods_supported: ['private_key_jwt'], + }, + }, + jwks: { + keys: [ + { + alg: 'RS256', + e: 'AQAB', + kid: 'key1', + kty: 'RSA', + n: 'pnXBOusEANuug6ewezb9J_...', + use: 'sig', + }, + ], + }, + authority_hints: ['https://edugain.org/federation'], +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure50.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure50.ts new file mode 100644 index 0000000..1f18547 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure50.ts @@ -0,0 +1,40 @@ +export const entityConfigurationFigure50 = { + authority_hints: ['https://umu.se'], + exp: 1568397247, + iat: 1568310847, + iss: 'https://op.umu.se', + sub: 'https://op.umu.se', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'dEEtRjlzY3djcENuT01wOGxrZlkxb3RIQVJlMTY0...', + kty: 'RSA', + n: 'x97YKqc9Cs-DNtFrQ7_vhXoH9bwkDWW6En2jJ044yH...', + }, + ], + }, + metadata: { + openid_provider: { + issuer: 'https://op.umu.se/openid', + signed_jwks_uri: 'https://op.umu.se/openid/jwks.jose', + authorization_endpoint: 'https://op.umu.se/openid/authorization', + client_registration_types_supported: ['automatic', 'explicit'], + request_parameter_supported: true, + grant_types_supported: ['authorization_code', 'implicit', 'urn:ietf:params:oauth:grant-type:jwt-bearer'], + id_token_signing_alg_values_supported: ['ES256', 'RS256'], + logo_uri: 'https://www.umu.se/img/umu-logo-left-neg-SE.svg', + op_policy_uri: 'https://www.umu.se/en/website/legal-information/', + response_types_supported: ['code', 'code id_token', 'token'], + subject_types_supported: ['pairwise', 'public'], + token_endpoint: 'https://op.umu.se/openid/token', + federation_registration_endpoint: 'https://op.umu.se/openid/fedreg', + token_endpoint_auth_methods_supported: [ + 'client_secret_post', + 'client_secret_basic', + 'client_secret_jwt', + 'private_key_jwt', + ], + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure52.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure52.ts new file mode 100644 index 0000000..bd7fd72 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure52.ts @@ -0,0 +1,25 @@ +export const entityConfigurationFigure52 = { + authority_hints: ['https://swamid.se'], + exp: 1568397247, + iat: 1568310847, + iss: 'https://umu.se', + sub: 'https://umu.se', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'endwNUZrNTJsX2NyQlp4bjhVcTFTTVltR2gxV2RV...', + kty: 'RSA', + n: 'vXdXzZwQo0hxRSmZEcDIsnpg-CMEkor50SOG-1XUlM...', + }, + ], + }, + metadata: { + federation_entity: { + contacts: ['ops@umu.se'], + federation_fetch_endpoint: 'https://umu.se/oidc/fedapi', + homepage_uri: 'https://www.umu.se', + organization_name: 'UmU', + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure56.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure56.ts new file mode 100644 index 0000000..a818e8c --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure56.ts @@ -0,0 +1,25 @@ +export const entityConfigurationFigure56 = { + authority_hints: ['https://edugain.geant.org'], + exp: 1568397247, + iat: 1568310847, + iss: 'https://swamid.se', + sub: 'https://swamid.se', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'N1pQTzFxUXZ1RXVsUkVuMG5uMnVDSURGRVdhUzdO...', + kty: 'RSA', + n: '3EQc6cR_GSBq9km9-WCHY_lWJZWkcn0M05TGtH6D9S...', + }, + ], + }, + metadata: { + federation_entity: { + contacts: ['ops@swamid.se'], + federation_fetch_endpoint: 'https://swamid.se/fedapi', + homepage_uri: 'https://www.sunet.se/swamid/', + organization_name: 'SWAMID', + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure60.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure60.ts new file mode 100644 index 0000000..1e2c39f --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure60.ts @@ -0,0 +1,21 @@ +export const entityConfigurationFigure60 = { + exp: 1568397247, + iat: 1568310847, + iss: 'https://edugain.geant.org', + sub: 'https://edugain.geant.org', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'Sl9DcjFxR3hrRGdabUNIR21KT3dvdWMyc2VUM2Fr...', + kty: 'RSA', + n: 'xKlwocDXUw-mrvDSO4oRrTRrVuTwotoBFpozvlq-1q...', + }, + ], + }, + metadata: { + federation_entity: { + federation_fetch_endpoint: 'https://geant.org/edugain/api', + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure69.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure69.ts new file mode 100644 index 0000000..a206467 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure69.ts @@ -0,0 +1,35 @@ +export const entityConfigurationFigure69 = { + iss: 'https://wiki.ligo.org', + sub: 'https://wiki.ligo.org', + iat: 1676045527, + exp: 1676063610, + aud: 'https://op.umu.se', + metadata: { + openid_relying_party: { + application_type: 'web', + client_name: 'LIGO Wiki', + contacts: ['ops@ligo.org'], + grant_types: ['authorization_code'], + id_token_signed_response_alg: 'RS256', + signed_jwks_uri: 'https://wiki.ligo.org/jwks.jose', + redirect_uris: ['https://wiki.ligo.org/openid/callback'], + response_types: ['code'], + subject_type: 'public', + + // Added manually as the spec is invalid + client_registration_types: ['automatic'], + }, + }, + jwks: { + keys: [ + { + kty: 'RSA', + use: 'sig', + kid: 'U2JTWHY0VFg0a2FEVVdTaHptVDJsNDNiSDk5MXRBVEtNSFVkeXZwb', + e: 'AQAB', + n: '4AZjgqFwMhTVSLrpzzNcwaCyVD88C_Hb3Bmor97vH-2AzldhuVb8K...', + }, + ], + }, + authority_hints: ['https://incommon.org'], +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure8.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure8.ts new file mode 100644 index 0000000..428b3ea --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure8.ts @@ -0,0 +1,31 @@ +export const entityConfigurationFigure8 = { + iss: 'https://openid.sunet.se', + sub: 'https://openid.sunet.se', + iat: 1516239022, + exp: 1516298022, + metadata: { + openid_relying_party: { + application_type: 'web', + redirect_uris: ['https://openid.sunet.se/rp/callback'], + organization_name: 'SUNET', + logo_uri: 'https://www.sunet.se/sunet/images/32x32.png', + grant_types: ['authorization_code', 'implicit'], + signed_jwks_uri: 'https://openid.sunet.se/rp/signed_jwks.jose', + jwks_uri: 'https://openid.sunet.se/rp/jwks.json', + client_registration_types: ['automatic'], + }, + }, + jwks: { + keys: [ + { + alg: 'RS256', + e: 'AQAB', + kid: 'key1', + kty: 'RSA', + n: 'pnXBOusEANuug6ewezb9J_...', + use: 'sig', + }, + ], + }, + authority_hints: ['https://edugain.org/federation'], +} diff --git a/packages/core/__tests__/fixtures/entityConfigurationFigure9.ts b/packages/core/__tests__/fixtures/entityConfigurationFigure9.ts new file mode 100644 index 0000000..fdefcbd --- /dev/null +++ b/packages/core/__tests__/fixtures/entityConfigurationFigure9.ts @@ -0,0 +1,49 @@ +export const entityConfigurationFigure9 = { + iss: 'https://op.umu.se', + sub: 'https://op.umu.se', + exp: 1568397247, + iat: 1568310847, + metadata: { + openid_provider: { + issuer: 'https://op.umu.se/openid', + signed_jwks_uri: 'https://op.umu.se/openid/signed_jwks.jose', + authorization_endpoint: 'https://op.umu.se/openid/authorization', + client_registration_types_supported: ['automatic', 'explicit'], + grant_types_supported: ['authorization_code', 'implicit', 'urn:ietf:params:oauth:grant-type:jwt-bearer'], + id_token_signing_alg_values_supported: ['ES256', 'RS256'], + logo_uri: 'https://www.umu.se/img/umu-logo-left-neg-SE.svg', + op_policy_uri: 'https://www.umu.se/en/legal-information/', + response_types_supported: ['code', 'code id_token', 'token'], + subject_types_supported: ['pairwise', 'public'], + token_endpoint: 'https://op.umu.se/openid/token', + federation_registration_endpoint: 'https://op.umu.se/openid/fedreg', + token_endpoint_auth_methods_supported: [ + 'client_secret_post', + 'client_secret_basic', + 'client_secret_jwt', + 'private_key_jwt', + ], + pushed_authorization_request_endpoint: 'https://op.umu.se/openid/par', + request_authentication_methods_supported: { + authorization_endpoint: ['request_object'], + pushed_authorization_request_endpoint: [ + 'request_object', + 'private_key_jwt', + 'tls_client_auth', + 'self_signed_tls_client_auth', + ], + }, + }, + }, + authority_hints: ['https://umu.se'], + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'dEEtRjlzY3djcENuT01wOGxrZlkxb3RIQVJlMTY0...', + kty: 'RSA', + n: 'x97YKqc9Cs-DNtFrQ7_vhXoH9bwkDWW6En2jJ044yH...', + }, + ], + }, +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure2.ts b/packages/core/__tests__/fixtures/entityStatementFigure2.ts new file mode 100644 index 0000000..2ec2f8d --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure2.ts @@ -0,0 +1,52 @@ +export const entityStatementFigure2 = { + iss: 'https://feide.no', + sub: 'https://ntnu.no', + iat: 1516239022, + exp: 1516298022, + jwks: { + keys: [ + { + kty: 'RSA', + alg: 'RS256', + use: 'sig', + kid: 'NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs', + n: 'pnXBOusEANuug6ewezb9J_...', + e: 'AQAB', + }, + ], + }, + metadata: { + openid_provider: { + issuer: 'https://ntnu.no', + organization_name: 'NTNU', + + // Added manually as spec is invalid + client_registration_types_supported: ['automatic', 'explicit'], + }, + oauth_client: { + organization_name: 'NTNU', + }, + }, + metadata_policy: { + openid_provider: { + id_token_signing_alg_values_supported: { + subset_of: ['RS256', 'RS384', 'RS512'], + }, + op_policy_uri: { + regexp: '^https://[\\w-]+\\.example\\.com/[\\w-]+\\.html', + }, + }, + oauth_client: { + grant_types: { + one_of: ['authorization_code', 'client_credentials'], + }, + }, + }, + constraints: { + max_path_length: 2, + }, + crit: ['jti'], + metadata_policy_crit: ['regexp'], + source_endpoint: 'https://feide.no/federation_api/fetch', + jti: '7l2lncFdY6SlhNia', +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure26.ts b/packages/core/__tests__/fixtures/entityStatementFigure26.ts new file mode 100644 index 0000000..9b08747 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure26.ts @@ -0,0 +1,34 @@ +export const entityStatementFigure26 = { + iss: 'https://edugain.org/federation', + sub: 'https://openid.sunet.se', + exp: 1568397247, + iat: 1568310847, + source_endpoint: 'https://edugain.org/federation/federation_fetch_endpoint', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'dEEtRjlzY3djcENuT01wOGxrZlkxb3RIQVJlMTY0...', + kty: 'RSA', + n: 'x97YKqc9Cs-DNtFrQ7_vhXoH9bwkDWW6En2jJ044yH...', + }, + ], + }, + metadata: { + federation_entity: { + organization_name: 'SUNET', + }, + }, + metadata_policy: { + openid_provider: { + subject_types_supported: { + value: ['pairwise'], + }, + token_endpoint_auth_methods_supported: { + default: ['private_key_jwt'], + subset_of: ['private_key_jwt', 'client_secret_jwt'], + superset_of: ['private_key_jwt'], + }, + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure54.ts b/packages/core/__tests__/fixtures/entityStatementFigure54.ts new file mode 100644 index 0000000..386f9f2 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure54.ts @@ -0,0 +1,35 @@ +export const entityStatementFigure54 = { + exp: 1568397247, + iat: 1568310847, + iss: 'https://umu.se', + sub: 'https://op.umu.se', + source_endpoint: 'https://umu.se/oidc/fedapi', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'dEEtRjlzY3djcENuT01wOGxrZlkxb3RIQVJlMTY0...', + kty: 'RSA', + n: 'x97YKqc9Cs-DNtFrQ7_vhXoH9bwkDWW6En2jJ044yH...', + }, + ], + }, + metadata_policy: { + openid_provider: { + contacts: { + add: ['ops@swamid.se'], + }, + organization_name: { + value: 'University of Umeå', + }, + subject_types_supported: { + value: ['pairwise'], + }, + token_endpoint_auth_methods_supported: { + default: ['private_key_jwt'], + subset_of: ['private_key_jwt', 'client_secret_jwt'], + superset_of: ['private_key_jwt'], + }, + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure58.ts b/packages/core/__tests__/fixtures/entityStatementFigure58.ts new file mode 100644 index 0000000..da50f57 --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure58.ts @@ -0,0 +1,30 @@ +export const entityStatementFigure58 = { + exp: 1568397247, + iat: 1568310847, + iss: 'https://swamid.se', + sub: 'https://umu.se', + source_endpoint: 'https://swamid.se/fedapi', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'endwNUZrNTJsX2NyQlp4bjhVcTFTTVltR2gxV2RV...', + kty: 'RSA', + n: 'vXdXzZwQo0hxRSmZEcDIsnpg-CMEkor50SOG-1XUlM...', + }, + ], + }, + metadata_policy: { + openid_provider: { + id_token_signing_alg_values_supported: { + subset_of: ['RS256', 'ES256', 'ES384', 'ES512'], + }, + token_endpoint_auth_methods_supported: { + subset_of: ['client_secret_jwt', 'private_key_jwt'], + }, + userinfo_signing_alg_values_supported: { + subset_of: ['ES256', 'ES384', 'ES512'], + }, + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure62.ts b/packages/core/__tests__/fixtures/entityStatementFigure62.ts new file mode 100644 index 0000000..40883db --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure62.ts @@ -0,0 +1,29 @@ +export const entityStatementFigure62 = { + exp: 1568397247, + iat: 1568310847, + iss: 'https://edugain.geant.org', + sub: 'https://swamid.se', + source_endpoint: 'https://edugain.geant.org/edugain/api', + jwks: { + keys: [ + { + e: 'AQAB', + kid: 'N1pQTzFxUXZ1RXVsUkVuMG5uMnVDSURGRVdhUzdO...', + kty: 'RSA', + n: '3EQc6cR_GSBq9km9-WCHY_lWJZWkcn0M05TGtH6D9S...', + }, + ], + }, + metadata_policy: { + openid_provider: { + contacts: { + add: 'ops@edugain.geant.org', + }, + }, + openid_relying_party: { + contacts: { + add: 'ops@edugain.geant.org', + }, + }, + }, +} diff --git a/packages/core/__tests__/fixtures/entityStatementFigure70.ts b/packages/core/__tests__/fixtures/entityStatementFigure70.ts new file mode 100644 index 0000000..75e335b --- /dev/null +++ b/packages/core/__tests__/fixtures/entityStatementFigure70.ts @@ -0,0 +1,48 @@ +export const entityStatementFigure70 = { + iss: 'https://op.umu.se', + sub: 'https://wiki.ligo.org', + aud: 'https://wiki.ligo.org', + iat: 1601457619, + exp: 1601544019, + trust_anchor_id: 'https://edugain.geant.org', + metadata: { + openid_relying_party: { + client_id: 'm3GyHw', + client_secret_expires_at: 1604049619, + client_secret: 'cb44eed577f3b5edf3e08362d47a0dc44630b3dc6ea99f7a79205', + client_id_issued_at: 1601457619, + application_type: 'web', + client_name: 'LIGO Wiki', + contacts: ['ops@edugain.geant.org', 'ops@incommon.org', 'ops@ligo.org'], + grant_types: ['authorization_code'], + id_token_signed_response_alg: 'RS256', + signed_jwks_uri: 'https://wiki.ligo.org/jwks.jose', + redirect_uris: ['https://wiki.ligo.org/openid/callback'], + response_types: ['code'], + subject_type: 'public', + + // Added manually as the spec is invalid + client_registration_types: ['automatic'], + }, + }, + authority_hints: ['https://incommon.org'], + jwks: { + keys: [ + { + kty: 'RSA', + use: 'sig', + kid: 'U2JTWHY0VFg0a2FEVVdTaHptVDJsNDNiSDk5MXRBVEtNSFVkeXZwb', + e: 'AQAB', + n: '4AZjgqFwMhTVSLrpzzNcwaCyVD88C_Hb3Bmor97vH-2AzldhuVb8K...', + }, + { + kty: 'EC', + use: 'sig', + kid: 'LWtFcklLOGdrW', + crv: 'P-256', + x: 'X2S1dFE7zokQDST0bfHdlOWxOc8FC1l4_sG1Kwa4l4s', + y: '812nU6OCKxgc2ZgSPt_dkXbYldG_smHJi4wXByDHc6g', + }, + ], + }, +} diff --git a/packages/core/__tests__/fixtures/federationEntityMetadataFigure7.ts b/packages/core/__tests__/fixtures/federationEntityMetadataFigure7.ts new file mode 100644 index 0000000..c7f7156 --- /dev/null +++ b/packages/core/__tests__/fixtures/federationEntityMetadataFigure7.ts @@ -0,0 +1,8 @@ +export const federationEntityMetadataFigure7 = { + federation_fetch_endpoint: 'https://amanita.caesarea.example.com/federation_fetch', + federation_list_endpoint: 'https://amanita.caesarea.example.com/federation_list', + federation_trust_mark_status_endpoint: 'https://amanita.caesarea.example.com/status', + federation_trust_mark_list_endpoint: 'https://amanita.caesarea.example.com/trust_marked_list', + organization_name: 'Ovulo Mushroom', + homepage_uri: 'https://amanita.caesarea.example.com', +} diff --git a/packages/core/__tests__/fixtures/metadataFigure63.ts b/packages/core/__tests__/fixtures/metadataFigure63.ts new file mode 100644 index 0000000..595ac04 --- /dev/null +++ b/packages/core/__tests__/fixtures/metadataFigure63.ts @@ -0,0 +1,18 @@ +export const metadataFigure63 = { + authorization_endpoint: 'https://op.umu.se/openid/authorization', + contacts: ['ops@swamid.se', 'ops@edugain.geant.org'], + federation_registration_endpoint: 'https://op.umu.se/openid/fedreg', + client_registration_types_supported: ['automatic', 'explicit'], + grant_types_supported: ['authorization_code', 'implicit', 'urn:ietf:params:oauth:grant-type:jwt-bearer'], + id_token_signing_alg_values_supported: ['RS256', 'ES256'], + issuer: 'https://op.umu.se/openid', + signed_jwks_uri: 'https://op.umu.se/openid/jwks.jose', + logo_uri: 'https://www.umu.se/img/umu-logo-left-neg-SE.svg', + organization_name: 'University of Umeå', + op_policy_uri: 'https://www.umu.se/en/website/legal-information/', + request_parameter_supported: true, + response_types_supported: ['code', 'code id_token', 'token'], + subject_types_supported: ['pairwise'], + token_endpoint: 'https://op.umu.se/openid/token', + token_endpoint_auth_methods_supported: ['private_key_jwt', 'client_secret_jwt'], +} diff --git a/packages/core/__tests__/fixtures/trustMarkClaimsFigure19.ts b/packages/core/__tests__/fixtures/trustMarkClaimsFigure19.ts new file mode 100644 index 0000000..23bdeee --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkClaimsFigure19.ts @@ -0,0 +1,11 @@ +export const trustMarkClaimsFigure19 = { + id: 'https://mushrooms.federation.example.com/openid_relying_party/public/', + iss: 'https://epigeo.tm-issuer.example.it', + sub: 'https://porcino.example.com/rp', + iat: 1579621160, + organization_name: 'Porcino Mushrooms & Co.', + policy_uri: 'https://porcino.example.com/privacy_policy', + tos_uri: 'https://porcino.example.com/info_policy', + service_documentation: 'https://porcino.example.com/api/v1/get/services', + ref: 'https://porcino.example.com/documentation/manuale_operativo.pdf', +} diff --git a/packages/core/__tests__/fixtures/trustMarkClaimsFigure21.ts b/packages/core/__tests__/fixtures/trustMarkClaimsFigure21.ts new file mode 100644 index 0000000..4787f6b --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkClaimsFigure21.ts @@ -0,0 +1,15 @@ +export const trustMarkClaimsFigure21 = { + id: 'https://mushrooms.federation.example.com/arrosto/agreements', + iss: 'https://agaricaceae.example.it', + sub: 'https://coppolino.example.com', + iat: 1579621160, + logo_uri: 'https://coppolino.example.com/sgd-cmyk-150dpi-90mm.svg', + organization_type: 'public', + id_code: '123456', + email: 'info@coppolino.example.com', + 'organization_name#it': 'Mazza di Tamburo', + 'policy_uri#it': 'https://coppolino.example.com/privacy_policy', + 'tos_uri#it': 'https://coppolino.example.com/info_policy', + service_documentation: 'https://coppolino.example.com/api/v1/get/services', + ref: 'https://agaricaceae.example.it/documentation/agaricaceae.pdf', +} diff --git a/packages/core/__tests__/fixtures/trustMarkClaimsFigure22.ts b/packages/core/__tests__/fixtures/trustMarkClaimsFigure22.ts new file mode 100644 index 0000000..f39051c --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkClaimsFigure22.ts @@ -0,0 +1,8 @@ +export const trustMarkClaimsFigure22 = { + id: 'https://mushrooms.federation.example.com/ottimo/commestibile', + iss: 'https://cantharellus.cibarius.example.org', + sub: 'https://gallinaccio.example.com/op', + iat: 1579621160, + logo_uri: 'https://cantharellus.cibarius/static/images/cantharellus-cibarius.svg', + ref: 'https://cantharellus.cibarius/cantharellus/cibarius', +} diff --git a/packages/core/__tests__/fixtures/trustMarkClaimsFigure23.ts b/packages/core/__tests__/fixtures/trustMarkClaimsFigure23.ts new file mode 100644 index 0000000..f9f60e8 --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkClaimsFigure23.ts @@ -0,0 +1,8 @@ +export const trustMarkClaimsFigure23 = { + id: 'https://mushrooms.federation.example.com/trust-marks/self-signed', + iss: 'https://amanita.muscaria.example.com', + sub: 'https://amanita.muscaria.example.com', + iat: 1579621160, + logo_uri: 'https://amanita.muscaria.example.com/img/amanita-mus.svg', + ref: 'https://amanita.muscaria.example.com/uploads/cookbook.zip', +} diff --git a/packages/core/__tests__/fixtures/trustMarkClaimsFigure24.ts b/packages/core/__tests__/fixtures/trustMarkClaimsFigure24.ts new file mode 100644 index 0000000..9e9526c --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkClaimsFigure24.ts @@ -0,0 +1,7 @@ +export const trustMarkClaimsFigure24 = { + iss: 'https://swamid.se', + sub: 'https://umu.se/op', + iat: 1577833200, + exp: 1609369200, + id: 'https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf', +} diff --git a/packages/core/__tests__/fixtures/trustMarkIssuersFigure4.ts b/packages/core/__tests__/fixtures/trustMarkIssuersFigure4.ts new file mode 100644 index 0000000..795f4ca --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkIssuersFigure4.ts @@ -0,0 +1,4 @@ +export const trustMarkIssuersFigure4 = { + 'https://openid.net/certification/op': [], + 'https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf': ['https://swamid.se'], +} diff --git a/packages/core/__tests__/fixtures/trustMarkOwnersFigure3.ts b/packages/core/__tests__/fixtures/trustMarkOwnersFigure3.ts new file mode 100644 index 0000000..c5631bd --- /dev/null +++ b/packages/core/__tests__/fixtures/trustMarkOwnersFigure3.ts @@ -0,0 +1,17 @@ +export const trustMarkOwnersFigure3 = { + 'https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf': { + sub: 'https://refeds.org/sirtfi', + jwks: { + keys: [ + { + alg: 'RS256', + e: 'AQAB', + kid: 'key1', + kty: 'RSA', + n: 'pnXBOusEANuug6ewezb9J_...', + use: 'sig', + }, + ], + }, + }, +} diff --git a/packages/core/__tests__/fixtures/trustmarkClaimsFigure20.ts b/packages/core/__tests__/fixtures/trustmarkClaimsFigure20.ts new file mode 100644 index 0000000..2d3ec0a --- /dev/null +++ b/packages/core/__tests__/fixtures/trustmarkClaimsFigure20.ts @@ -0,0 +1,9 @@ +export const trustMarkClaimsFigure20 = { + id: 'https://mushrooms.federation.example.com/openid_relying_party/private/under-age', + iss: 'https://trustissuer.pinarolo.example.it', + sub: 'https://vavuso.example.com/rp', + iat: 1579621160, + organization_name: 'Pinarolo Suillus luteus', + policy_uri: 'https://vavuso.example.com/policy', + tos_uri: 'https://vavuso.example.com/tos', +} diff --git a/packages/core/__tests__/schemas.test.ts b/packages/core/__tests__/schemas.test.ts new file mode 100644 index 0000000..6777315 --- /dev/null +++ b/packages/core/__tests__/schemas.test.ts @@ -0,0 +1,146 @@ +import assert from 'node:assert/strict' +import { describe, it } from 'node:test' + +import { constraintSchema } from '../src/constraints' +import { entityConfigurationSchema } from '../src/entityConfiguration' +import { entityStatementClaimsSchema } from '../src/entityStatement' +import { metadataSchema } from '../src/metadata/metadata' +import { trustMarkClaimsSchema } from '../src/trustMark' +import { trustMarkIssuerSchema } from '../src/trustMark' +import { trustMarkOwnerSchema } from '../src/trustMark' + +import { federationEntityMetadata } from '../src/metadata' +import { constraintsFigure17 } from './fixtures/constraintsFigure17' +import { entityConfigurationFigure8 } from './fixtures/entityConfigurationFigure8' +import { entityConfigurationFigure9 } from './fixtures/entityConfigurationFigure9' +import { entityConfigurationFigure18 } from './fixtures/entityConfigurationFigure18' +import { entityConfigurationFigure43 } from './fixtures/entityConfigurationFigure43' +import { entityConfigurationFigure50 } from './fixtures/entityConfigurationFigure50' +import { entityConfigurationFigure52 } from './fixtures/entityConfigurationFigure52' +import { entityConfigurationFigure56 } from './fixtures/entityConfigurationFigure56' +import { entityConfigurationFigure60 } from './fixtures/entityConfigurationFigure60' +import { entityConfigurationFigure69 } from './fixtures/entityConfigurationFigure69' +import { entityStatementFigure2 } from './fixtures/entityStatementFigure2' +import { entityStatementFigure26 } from './fixtures/entityStatementFigure26' +import { entityStatementFigure54 } from './fixtures/entityStatementFigure54' +import { entityStatementFigure58 } from './fixtures/entityStatementFigure58' +import { entityStatementFigure62 } from './fixtures/entityStatementFigure62' +import { entityStatementFigure70 } from './fixtures/entityStatementFigure70' +import { federationEntityMetadataFigure7 } from './fixtures/federationEntityMetadataFigure7' +import { metadataFigure63 } from './fixtures/metadataFigure63' +import { trustMarkClaimsFigure19 } from './fixtures/trustMarkClaimsFigure19' +import { trustMarkClaimsFigure21 } from './fixtures/trustMarkClaimsFigure21' +import { trustMarkClaimsFigure22 } from './fixtures/trustMarkClaimsFigure22' +import { trustMarkClaimsFigure23 } from './fixtures/trustMarkClaimsFigure23' +import { trustMarkClaimsFigure24 } from './fixtures/trustMarkClaimsFigure24' +import { trustMarkIssuersFigure4 } from './fixtures/trustMarkIssuersFigure4' +import { trustMarkOwnersFigure3 } from './fixtures/trustMarkOwnersFigure3' +import { trustMarkClaimsFigure20 } from './fixtures/trustmarkClaimsFigure20' + +describe('zod validation schemas', () => { + describe('validate valid test vectors', () => { + it('should validate figure 2 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure2)) + }) + + it('should validate figure 3 -- trust mark owners', () => { + assert.doesNotThrow(() => trustMarkOwnerSchema.parse(trustMarkOwnersFigure3)) + }) + + it('should validate figure 4 -- trust mark issuers', () => { + assert.doesNotThrow(() => trustMarkIssuerSchema.parse(trustMarkIssuersFigure4)) + }) + + it('should validate figure 7 -- federation entity metadata', () => { + assert.doesNotThrow(() => federationEntityMetadata.schema.parse(federationEntityMetadataFigure7)) + }) + + it('should validate figure 8 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure8)) + }) + + it('should validate figure 9 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure9)) + }) + + it('should validate figure 17 -- constraints', () => { + assert.doesNotThrow(() => constraintSchema.parse(constraintsFigure17)) + }) + + it('should validate figure 18 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure18)) + }) + + it('should validate figure 19 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure19)) + }) + + it('should validate figure 20 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure20)) + }) + + it('should validate figure 21 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure21)) + }) + + it('should validate figure 22 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure22)) + }) + + it('should validate figure 23 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure23)) + }) + + it('should validate figure 24 -- trust mark claims', () => { + assert.doesNotThrow(() => trustMarkClaimsSchema.parse(trustMarkClaimsFigure24)) + }) + + it('should validate figure 26 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure26)) + }) + + it('should validate figure 43 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure43)) + }) + + it('should validate figure 50 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure50)) + }) + + it('should validate figure 52 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure52)) + }) + + it('should validate figure 54 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure54)) + }) + + it('should validate figure 56 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure56)) + }) + + it('should validate figure 58 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure58)) + }) + + it('should validate figure 60 -- entity configutation', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure60)) + }) + + it('should validate figure 62 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure62)) + }) + + it('should validate figure 63 -- metadata', () => { + assert.doesNotThrow(() => metadataSchema.parse(metadataFigure63)) + }) + + it('should validate figure 69 -- entity configuration', () => { + assert.doesNotThrow(() => entityConfigurationSchema.parse(entityConfigurationFigure69)) + }) + + it('should validate figure 70 -- entity statement', () => { + assert.doesNotThrow(() => entityStatementClaimsSchema.parse(entityStatementFigure70)) + }) + }) +}) diff --git a/packages/core/package.json b/packages/core/package.json new file mode 100644 index 0000000..4953b71 --- /dev/null +++ b/packages/core/package.json @@ -0,0 +1,22 @@ +{ + "name": "@openid-federation/core", + "version": "0.1.0", + "description": "Core types and functionality of openid federation", + "license": "Apache-2.0", + "main": "src/index.ts", + "keywords": [], + "author": "Animo Solutions", + "scripts": { + "build": "tsc", + "test": "node --require ts-node/register --test __tests__/*.test.ts" + }, + "dependencies": { + "buffer": "^6.0.3", + "zod": "^3.23.8" + }, + "devDependencies": { + "@types/node": "*", + "ts-node": "*", + "typescript": "*" + } +} diff --git a/packages/core/src/constraints.ts b/packages/core/src/constraints.ts new file mode 100644 index 0000000..4c09872 --- /dev/null +++ b/packages/core/src/constraints.ts @@ -0,0 +1,27 @@ +import { z } from 'zod' + +export const constraintSchema = z.object({ + max_path_length: z.number().optional(), + naming_constraints: z + .object({ + permitted: z.array(z.string()).optional(), + excluded: z.array(z.string()).optional(), + }) + .optional(), + allowed_entity_types: z + .array( + z.string().refine((s) => s !== 'federation_entity', { + message: `Value cannot be "federation_entity"`, + }) + ) + .optional(), +}) + +/** + * + * {@link https://openid.net/specs/openid-federation-1_0.html#name-constraints | Constraints} + * + * Trust Anchors and Intermediate Entities MAY define constraining criteria that apply to their Subordinates. They are expressed in the constraints claim of a Subordinate Statement, as described in {@link https://openid.net/specs/openid-federation-1_0.html#entity-statement | Section 3}. + * + */ +export type Constraint = z.input diff --git a/packages/core/src/entityConfiguration.ts b/packages/core/src/entityConfiguration.ts new file mode 100644 index 0000000..a1941e7 --- /dev/null +++ b/packages/core/src/entityConfiguration.ts @@ -0,0 +1,9 @@ +import type { z } from 'zod' +import { entityStatementClaimsSchema } from './entityStatement' + +export const entityConfigurationSchema = entityStatementClaimsSchema.refine((data) => data.iss === data.sub, { + message: 'iss and sub must be equal', + path: ['iss', 'sub'], +}) + +export type EntityConfiguration = z.input diff --git a/packages/core/src/entityStatement.ts b/packages/core/src/entityStatement.ts new file mode 100644 index 0000000..27241fc --- /dev/null +++ b/packages/core/src/entityStatement.ts @@ -0,0 +1,27 @@ +import { constraintSchema } from './constraints' +import { jsonWebKeySetSchema } from './jsonWeb' +import { metadataPolicySchema, metadataSchema } from './metadata' +import { trustMarkIssuerSchema, trustMarkOwnerSchema, trustMarkSchema } from './trustMark' +import { dateSchema } from './utils' + +import { z } from 'zod' + +export const entityStatementClaimsSchema = z.object({ + iss: z.string(), + sub: z.string(), + iat: dateSchema, + exp: dateSchema, + jwks: jsonWebKeySetSchema, + authority_hints: z.array(z.string().url()).optional(), + metadata: metadataSchema.optional(), + metadata_policy: metadataPolicySchema.optional(), + constraints: constraintSchema.optional(), + crit: z.array(z.string()).optional(), + metadata_policy_crit: z.array(z.string()).optional(), + trust_marks: z.array(trustMarkSchema).optional(), + trust_mark_issuers: trustMarkIssuerSchema.optional(), + trust_mark_owners: trustMarkOwnerSchema.optional(), + source_endpoint: z.string().url().optional(), +}) + +export type EntityStatementClaims = z.input diff --git a/packages/openid-federation-fetch/src/index.ts b/packages/core/src/index.ts similarity index 100% rename from packages/openid-federation-fetch/src/index.ts rename to packages/core/src/index.ts diff --git a/packages/core/src/jsonWeb/index.ts b/packages/core/src/jsonWeb/index.ts new file mode 100644 index 0000000..b3f1108 --- /dev/null +++ b/packages/core/src/jsonWeb/index.ts @@ -0,0 +1,3 @@ +export * from './jsonWebKey' +export * from './jsonWebKeySet' +export * from './jsonWebToken' diff --git a/packages/core/src/jsonWeb/jsonWebKey.ts b/packages/core/src/jsonWeb/jsonWebKey.ts new file mode 100644 index 0000000..b1a6ada --- /dev/null +++ b/packages/core/src/jsonWeb/jsonWebKey.ts @@ -0,0 +1,13 @@ +import { z } from 'zod' + +export const jsonWebKeySchema = z.object({ + kty: z.string(), + use: z.string().optional(), + key_ops: z.string().optional(), + alg: z.string().optional(), + kid: z.string().optional(), + x5u: z.string().optional(), + x5c: z.string().optional(), + x5t: z.string().optional(), + 'x5t#S256': z.string().optional(), +}) diff --git a/packages/core/src/jsonWeb/jsonWebKeySet.ts b/packages/core/src/jsonWeb/jsonWebKeySet.ts new file mode 100644 index 0000000..2c7738a --- /dev/null +++ b/packages/core/src/jsonWeb/jsonWebKeySet.ts @@ -0,0 +1,8 @@ +import { z } from 'zod' +import { jsonWebKeySchema } from './jsonWebKey' + +export const jsonWebKeySetSchema = z.object({ + keys: z.array(jsonWebKeySchema), +}) + +export type JsonWebKeySet = z.input diff --git a/packages/core/src/jsonWeb/jsonWebToken.ts b/packages/core/src/jsonWeb/jsonWebToken.ts new file mode 100644 index 0000000..0fc7aab --- /dev/null +++ b/packages/core/src/jsonWeb/jsonWebToken.ts @@ -0,0 +1,29 @@ +import { Buffer } from 'node:buffer' +import { type ZodSchema, z } from 'zod' + +const defaultSchema = z.record(z.string().or(z.number()), z.unknown()) + +/** + * + * @todo better jwt validation + * + */ +export const jsonWebTokenSchema = ( + { + claimsSchema = defaultSchema, + headerSchema = defaultSchema, + }: { + claimsSchema?: ZodSchema + headerSchema?: ZodSchema + } = { claimsSchema: defaultSchema, headerSchema: defaultSchema } +) => + z.string().refine((s) => { + const [header, claims] = s.split('.') + const decodedHeader = Buffer.from(header, 'base64url').toString() + const decodedClaims = Buffer.from(claims, 'base64url').toString() + + const validatedHeader = headerSchema.parse(JSON.parse(decodedHeader)) + const validatedClaims = claimsSchema.parse(JSON.parse(decodedClaims)) + + return { header: validatedHeader, claims: validatedClaims } + }) diff --git a/packages/core/src/metadata/common.ts b/packages/core/src/metadata/common.ts new file mode 100644 index 0000000..ee2dc86 --- /dev/null +++ b/packages/core/src/metadata/common.ts @@ -0,0 +1,16 @@ +import { z } from 'zod' +import { jsonWebKeySetSchema } from '../jsonWeb' + +export const commonMetadataSchema = z.object({ + // -- 5.2.1 Extensions for JWK Sets in Entity Metadata + signed_jwks_uri: z.string().url().optional(), + jwks_uri: z.string().url().optional(), + jwks: jsonWebKeySetSchema.optional(), + + // -- 5.2.2 informational Metadata Extensions -- + organization_name: z.string().optional(), + contacts: z.array(z.string()).min(1).optional(), + logo_uri: z.string().url().optional(), + policy_uri: z.string().url().optional(), + homepage_uri: z.string().url().optional(), +}) diff --git a/packages/core/src/metadata/entity/federationEntity.ts b/packages/core/src/metadata/entity/federationEntity.ts new file mode 100644 index 0000000..0795960 --- /dev/null +++ b/packages/core/src/metadata/entity/federationEntity.ts @@ -0,0 +1,22 @@ +import { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * {@link https://openid.net/specs/openid-federation-1_0.html#section-5.1.1-1 | Federation Entity} + * + */ +export const federationEntityMetadata = createEntity({ + identifier: 'federation_entity', + additionalValidation: { + federation_fetch_endpoint: z.string().url().optional(), + federation_list_endpoint: z.string().url().optional(), + federation_resolve_endpoint: z.string().url().optional(), + federation_trust_mark_status_endpoint: z.string().url().optional(), + federation_trust_mark_list_endpoint: z.string().url().optional(), + federation_trust_mark_endpoint: z.string().url().optional(), + federation_historical_keys_endpoint: z.string().url().optional(), + }, +}) + +export type FederationEntityMetadata = z.input<(typeof federationEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/index.ts b/packages/core/src/metadata/entity/index.ts new file mode 100644 index 0000000..a7635ce --- /dev/null +++ b/packages/core/src/metadata/entity/index.ts @@ -0,0 +1,6 @@ +export * from './federationEntity' +export * from './oauthClient' +export * from './oauthResource' +export * from './openIdProvider' +export * from './openIdRelyingParty' +export * from './oauthAuthorizationServer' diff --git a/packages/core/src/metadata/entity/oauthAuthorizationServer.ts b/packages/core/src/metadata/entity/oauthAuthorizationServer.ts new file mode 100644 index 0000000..8d81ff5 --- /dev/null +++ b/packages/core/src/metadata/entity/oauthAuthorizationServer.ts @@ -0,0 +1,13 @@ +import type { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * https://openid.net/specs/openid-federation-1_0.html#section-5.1.4-1 + * + */ +export const oauthAuthorizationServerEntityMetadata = createEntity({ + identifier: 'oauth_authorization_server', +}) + +export type OauthAuthorizationServerMetadata = z.input<(typeof oauthAuthorizationServerEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/oauthClient.ts b/packages/core/src/metadata/entity/oauthClient.ts new file mode 100644 index 0000000..e64c6a7 --- /dev/null +++ b/packages/core/src/metadata/entity/oauthClient.ts @@ -0,0 +1,11 @@ +import type { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * {@link https://openid.net/specs/openid-federation-1_0.html#section-5.1.5-1 | oauth Client} + * + */ +export const oauthClientEntityMetadata = createEntity({ identifier: 'oauth_client' }) + +export type OauthClientMetadata = z.input<(typeof oauthClientEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/oauthResource.ts b/packages/core/src/metadata/entity/oauthResource.ts new file mode 100644 index 0000000..beb8d37 --- /dev/null +++ b/packages/core/src/metadata/entity/oauthResource.ts @@ -0,0 +1,13 @@ +import type { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * https://openid.net/specs/openid-federation-1_0.html#section-5.1.6 + * + */ +export const oauthResourceEntityMetadata = createEntity({ + identifier: 'oauth_resource', +}) + +export type OauthResourceMetadata = z.input<(typeof oauthResourceEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/openIdProvider.ts b/packages/core/src/metadata/entity/openIdProvider.ts new file mode 100644 index 0000000..99da1fd --- /dev/null +++ b/packages/core/src/metadata/entity/openIdProvider.ts @@ -0,0 +1,24 @@ +import { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * {@link https://openid.net/specs/openid-federation-1_0.html#section-5.1.3-1 | openID Provider} + * + */ +export const openIdProviderEntityMetadata = createEntity({ + identifier: 'openid_provider', + additionalValidation: { + client_registration_types_supported: z.array(z.string()), + federation_registration_endpoint: z.string().url().optional(), + request_authentication_methods_supported: z + .object({ + authorization_endpoint: z.array(z.string()).optional(), + pushed_authorization_request_endpoint: z.array(z.string()).optional(), + }) + .optional(), + request_authentication_signing_alg_values_supported: z.array(z.string()).optional(), + }, +}) + +export type OpenIdProviderMetadata = z.input<(typeof openIdProviderEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/openIdRelyingParty.ts b/packages/core/src/metadata/entity/openIdRelyingParty.ts new file mode 100644 index 0000000..96d2838 --- /dev/null +++ b/packages/core/src/metadata/entity/openIdRelyingParty.ts @@ -0,0 +1,16 @@ +import { z } from 'zod' +import { createEntity } from './utils' + +/** + * + * {@link https://openid.net/specs/openid-federation-1_0.html#section-5.1.2-1 | openID Relying Party } + * + */ +export const openidRelyingPartyEntityMetadata = createEntity({ + identifier: 'openid_relying_party', + additionalValidation: { + client_registration_types: z.array(z.string()), + }, +}) + +export type OpenIdRelyingPartyMetadata = z.input<(typeof openidRelyingPartyEntityMetadata)['schema']> diff --git a/packages/core/src/metadata/entity/utils/createEntity.ts b/packages/core/src/metadata/entity/utils/createEntity.ts new file mode 100644 index 0000000..a405494 --- /dev/null +++ b/packages/core/src/metadata/entity/utils/createEntity.ts @@ -0,0 +1,19 @@ +import type { z } from 'zod' +import { commonMetadataSchema } from '../../common' +import { swapValidators } from '../../operator' +import { metadataPolicySchema } from '../../policy' + +export const createEntity = ({ + identifier, + additionalValidation = {}, +}: { + identifier: string + additionalValidation?: z.ZodRawShape +}) => { + const schema = commonMetadataSchema.extend(additionalValidation) + return { + identifier, + schema, + policySchema: swapValidators(schema, metadataPolicySchema), + } +} diff --git a/packages/core/src/metadata/entity/utils/index.ts b/packages/core/src/metadata/entity/utils/index.ts new file mode 100644 index 0000000..652a61e --- /dev/null +++ b/packages/core/src/metadata/entity/utils/index.ts @@ -0,0 +1 @@ +export * from './createEntity' diff --git a/packages/core/src/metadata/index.ts b/packages/core/src/metadata/index.ts new file mode 100644 index 0000000..3462b93 --- /dev/null +++ b/packages/core/src/metadata/index.ts @@ -0,0 +1,4 @@ +export * from './metadata' +export * from './entity' +export * from './operator' +export * from './policy' diff --git a/packages/core/src/metadata/metadata.ts b/packages/core/src/metadata/metadata.ts new file mode 100644 index 0000000..cff4c3b --- /dev/null +++ b/packages/core/src/metadata/metadata.ts @@ -0,0 +1,21 @@ +import { z } from 'zod' + +import { + federationEntityMetadata, + oauthAuthorizationServerEntityMetadata, + oauthClientEntityMetadata, + oauthResourceEntityMetadata, + openIdProviderEntityMetadata, + openidRelyingPartyEntityMetadata, +} from './entity' + +export const metadataSchema = z.object({ + [federationEntityMetadata.identifier]: federationEntityMetadata.schema.optional(), + [openidRelyingPartyEntityMetadata.identifier]: openidRelyingPartyEntityMetadata.schema.optional(), + [openIdProviderEntityMetadata.identifier]: openIdProviderEntityMetadata.schema.optional(), + [oauthAuthorizationServerEntityMetadata.identifier]: oauthAuthorizationServerEntityMetadata.schema.optional(), + [oauthClientEntityMetadata.identifier]: oauthClientEntityMetadata.schema.optional(), + [oauthResourceEntityMetadata.identifier]: oauthResourceEntityMetadata.schema.optional(), +}) + +export type Metadata = z.input diff --git a/packages/core/src/metadata/metadataPolicy.ts b/packages/core/src/metadata/metadataPolicy.ts new file mode 100644 index 0000000..36ef708 --- /dev/null +++ b/packages/core/src/metadata/metadataPolicy.ts @@ -0,0 +1,18 @@ +import { z } from 'zod' +import { + federationEntityMetadata, + oauthAuthorizationServerEntityMetadata, + oauthClientEntityMetadata, + oauthResourceEntityMetadata, + openIdProviderEntityMetadata, + openidRelyingPartyEntityMetadata, +} from './entity' + +export const metadataPolicySchema = z.object({ + [federationEntityMetadata.identifier]: federationEntityMetadata.policySchema.optional(), + [openidRelyingPartyEntityMetadata.identifier]: openidRelyingPartyEntityMetadata.policySchema.optional(), + [openIdProviderEntityMetadata.identifier]: openIdProviderEntityMetadata.policySchema.optional(), + [oauthAuthorizationServerEntityMetadata.identifier]: oauthAuthorizationServerEntityMetadata.policySchema.optional(), + [oauthClientEntityMetadata.identifier]: oauthClientEntityMetadata.policySchema.optional(), + [oauthResourceEntityMetadata.identifier]: oauthResourceEntityMetadata.policySchema.optional(), +}) diff --git a/packages/core/src/metadata/operator/MetadataMergeStrategy.ts b/packages/core/src/metadata/operator/MetadataMergeStrategy.ts new file mode 100644 index 0000000..ac43cd5 --- /dev/null +++ b/packages/core/src/metadata/operator/MetadataMergeStrategy.ts @@ -0,0 +1,26 @@ +export enum MetadataMergeStrategy { + /** + * + * Allowed only when the operator values are equal. If not, this MUST result in a policy error. + * + */ + OperatorValuesEqual = 0, + /** + * + * The result of merging the values of two these operators is the union of the operator values. + * + */ + Union = 1, + /** + * + * The result of merging the values of two these operators is the intersection of the operator values. If the intersection is empty, this MUST result in a policy error. + * + */ + Intersection = 2, + /** + * + * If a Superior has specified essential=true, then a Subordinate MUST NOT change that. If a Superior has specified essential=false, then a Subordinate is allowed to change that to essential=true. If a Superior has not specified essential, then a Subordinate can set essential to true or false. If those conditions are not met, this MUST result in a policy error. + * + */ + SuperiorFollowsIfTrue = 3, +} diff --git a/packages/core/src/metadata/operator/MetadataOperator.ts b/packages/core/src/metadata/operator/MetadataOperator.ts new file mode 100644 index 0000000..835a042 --- /dev/null +++ b/packages/core/src/metadata/operator/MetadataOperator.ts @@ -0,0 +1,12 @@ +import type { z } from 'zod' +import type { MetadataMergeStrategy } from './MetadataMergeStrategy' +import type { MetadataOrderOfApplication } from './MetadataOrderOfApplication' + +export type MetadataOperator = { + key: string + parameterJsonValues: Array + operatorJsonValues: Array + canBeCombinedWith: Array + orderOfApplication: MetadataOrderOfApplication + mergeStrategy: MetadataMergeStrategy +} diff --git a/packages/core/src/metadata/operator/MetadataOrderOfApplication.ts b/packages/core/src/metadata/operator/MetadataOrderOfApplication.ts new file mode 100644 index 0000000..13e41aa --- /dev/null +++ b/packages/core/src/metadata/operator/MetadataOrderOfApplication.ts @@ -0,0 +1,9 @@ +export enum MetadataOrderOfApplication { + First = 0, + AfterValue = 1, + AfterAdd = 2, + AfterDefault = 3, + AfterOneOf = 4, + AfterSubsetOf = 5, + Last = 6, +} diff --git a/packages/core/src/metadata/operator/index.ts b/packages/core/src/metadata/operator/index.ts new file mode 100644 index 0000000..d007cb2 --- /dev/null +++ b/packages/core/src/metadata/operator/index.ts @@ -0,0 +1,5 @@ +export * from './MetadataOperator' +export * from './MetadataMergeStrategy' +export * from './MetadataOrderOfApplication' +export * from './utils' +export * from './standard' diff --git a/packages/core/src/metadata/operator/standard/add.ts b/packages/core/src/metadata/operator/standard/add.ts new file mode 100644 index 0000000..38d5fae --- /dev/null +++ b/packages/core/src/metadata/operator/standard/add.ts @@ -0,0 +1,24 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const addOperator: MetadataOperator = { + key: 'add', + parameterJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + operatorJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + canBeCombinedWith: ['default', 'subset_of', 'superset_of', 'essential'], + orderOfApplication: MetadataOrderOfApplication.AfterValue, + mergeStrategy: MetadataMergeStrategy.Union, +} + +export const addOperatorSchema = createPolicyOperatorSchema(addOperator) diff --git a/packages/core/src/metadata/operator/standard/default.ts b/packages/core/src/metadata/operator/standard/default.ts new file mode 100644 index 0000000..8aefaab --- /dev/null +++ b/packages/core/src/metadata/operator/standard/default.ts @@ -0,0 +1,28 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const defaultOperator: MetadataOperator = { + key: 'default', + parameterJsonValues: [ + z.string(), + z.number(), + z.boolean(), + z.record(z.string().or(z.number()), z.unknown()), + z.array(z.unknown()), + ], + operatorJsonValues: [ + z.string(), + z.number(), + z.boolean(), + z.record(z.string().or(z.number()), z.unknown()), + z.array(z.unknown()), + ], + canBeCombinedWith: ['add', 'one_of', 'subset_of', 'superset_of', 'essential'], + orderOfApplication: MetadataOrderOfApplication.AfterAdd, + mergeStrategy: MetadataMergeStrategy.OperatorValuesEqual, +} + +export const defaultOperatorSchema = createPolicyOperatorSchema(defaultOperator) diff --git a/packages/core/src/metadata/operator/standard/essential.ts b/packages/core/src/metadata/operator/standard/essential.ts new file mode 100644 index 0000000..1ca9575 --- /dev/null +++ b/packages/core/src/metadata/operator/standard/essential.ts @@ -0,0 +1,23 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const essentialOperator: MetadataOperator = { + key: 'essential', + parameterJsonValues: [ + z.string(), + z.number(), + z.boolean(), + z.record(z.string().or(z.number())), + z.unknown(), + z.array(z.unknown()), + ], + operatorJsonValues: [z.boolean()], + canBeCombinedWith: ['add', 'default', 'one_of', 'subset_of', 'superset_of', 'value'], + orderOfApplication: MetadataOrderOfApplication.Last, + mergeStrategy: MetadataMergeStrategy.SuperiorFollowsIfTrue, +} + +export const essentialOperatorSchema = createPolicyOperatorSchema(essentialOperator) diff --git a/packages/core/src/metadata/operator/standard/index.ts b/packages/core/src/metadata/operator/standard/index.ts new file mode 100644 index 0000000..027a22f --- /dev/null +++ b/packages/core/src/metadata/operator/standard/index.ts @@ -0,0 +1,7 @@ +export * from './add' +export * from './oneOf' +export * from './value' +export * from './default' +export * from './subsetOf' +export * from './essential' +export * from './supersetOf' diff --git a/packages/core/src/metadata/operator/standard/oneOf.ts b/packages/core/src/metadata/operator/standard/oneOf.ts new file mode 100644 index 0000000..8e7d4a2 --- /dev/null +++ b/packages/core/src/metadata/operator/standard/oneOf.ts @@ -0,0 +1,20 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const oneOfOperator: MetadataOperator = { + key: 'one_of', + parameterJsonValues: [z.string(), z.record(z.string().or(z.number()), z.unknown()), z.number()], + operatorJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + canBeCombinedWith: ['default', 'essential'], + orderOfApplication: MetadataOrderOfApplication.AfterDefault, + mergeStrategy: MetadataMergeStrategy.Intersection, +} + +export const oneOfOperatorSchema = createPolicyOperatorSchema(oneOfOperator) diff --git a/packages/core/src/metadata/operator/standard/subsetOf.ts b/packages/core/src/metadata/operator/standard/subsetOf.ts new file mode 100644 index 0000000..3ab8103 --- /dev/null +++ b/packages/core/src/metadata/operator/standard/subsetOf.ts @@ -0,0 +1,24 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const subsetOfOperator: MetadataOperator = { + key: 'subset_of', + parameterJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + operatorJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + canBeCombinedWith: ['add', 'default', 'superset_of', 'essential'], + orderOfApplication: MetadataOrderOfApplication.AfterOneOf, + mergeStrategy: MetadataMergeStrategy.Intersection, +} + +export const subsetOfOperatorSchema = createPolicyOperatorSchema(subsetOfOperator) diff --git a/packages/core/src/metadata/operator/standard/supersetOf.ts b/packages/core/src/metadata/operator/standard/supersetOf.ts new file mode 100644 index 0000000..4695113 --- /dev/null +++ b/packages/core/src/metadata/operator/standard/supersetOf.ts @@ -0,0 +1,24 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const supersetOfOperator: MetadataOperator = { + key: 'superset_of', + parameterJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + operatorJsonValues: [ + z.array(z.string()), + z.array(z.record(z.string().or(z.number())), z.unknown()), + z.array(z.number()), + ], + canBeCombinedWith: ['add', 'default', 'subset_of', 'essential'], + orderOfApplication: MetadataOrderOfApplication.AfterSubsetOf, + mergeStrategy: MetadataMergeStrategy.Union, +} + +export const supersetOfOperatorSchema = createPolicyOperatorSchema(supersetOfOperator) diff --git a/packages/core/src/metadata/operator/standard/value.ts b/packages/core/src/metadata/operator/standard/value.ts new file mode 100644 index 0000000..59ccf76 --- /dev/null +++ b/packages/core/src/metadata/operator/standard/value.ts @@ -0,0 +1,29 @@ +import { z } from 'zod' +import { MetadataMergeStrategy } from '../MetadataMergeStrategy' +import type { MetadataOperator } from '../MetadataOperator' +import { MetadataOrderOfApplication } from '../MetadataOrderOfApplication' +import { createPolicyOperatorSchema } from '../utils' + +export const valueOperator: MetadataOperator = { + key: 'value', + parameterJsonValues: [ + z.string(), + z.number(), + z.boolean(), + z.record(z.string().or(z.number()), z.unknown()), + z.array(z.unknown()), + ], + operatorJsonValues: [ + z.string(), + z.number(), + z.boolean(), + z.record(z.string().or(z.number()), z.unknown()), + z.array(z.unknown()), + z.null(), + ], + canBeCombinedWith: ['essential'], + orderOfApplication: MetadataOrderOfApplication.First, + mergeStrategy: MetadataMergeStrategy.OperatorValuesEqual, +} + +export const valueOperatorSchema = createPolicyOperatorSchema(valueOperator) diff --git a/packages/core/src/metadata/operator/utils/createPolicyOperatorSchema.ts b/packages/core/src/metadata/operator/utils/createPolicyOperatorSchema.ts new file mode 100644 index 0000000..25ee3a7 --- /dev/null +++ b/packages/core/src/metadata/operator/utils/createPolicyOperatorSchema.ts @@ -0,0 +1,20 @@ +import { z } from 'zod' +import type { MetadataOperator } from '../MetadataOperator' + +export const createPolicyOperatorSchema = (operator: MetadataOperator) => + z + .object({ + [operator.key]: operator.operatorJsonValues.reduce((acc, schema) => acc.or(schema)), + }) + .superRefine((data, ctx) => { + if (!Object.keys(data).every((key) => operator.canBeCombinedWith.includes(key))) { + ctx.addIssue({ + code: z.ZodIssueCode.custom, + message: `policy operator '${ + operator.key + }' can only be combined with one of: [${operator.canBeCombinedWith.join(', ')}]`, + }) + } + + return data + }) diff --git a/packages/core/src/metadata/operator/utils/index.ts b/packages/core/src/metadata/operator/utils/index.ts new file mode 100644 index 0000000..f61982b --- /dev/null +++ b/packages/core/src/metadata/operator/utils/index.ts @@ -0,0 +1,2 @@ +export * from './swapValidators' +export * from './createPolicyOperatorSchema' diff --git a/packages/core/src/metadata/operator/utils/swapValidators.ts b/packages/core/src/metadata/operator/utils/swapValidators.ts new file mode 100644 index 0000000..243ac49 --- /dev/null +++ b/packages/core/src/metadata/operator/utils/swapValidators.ts @@ -0,0 +1,16 @@ +import { z } from 'zod' + +export const swapValidators = ( + schema: z.ZodObject, + newValidator: z.ZodSchema +): z.ZodObject> => { + return z.object( + Object.keys(schema.shape).reduce( + (acc, key) => { + acc[key as keyof typeof acc] = newValidator + return acc + }, + {} as { [k in keyof T]: z.ZodSchema } + ) + ) +} diff --git a/packages/core/src/metadata/policy.ts b/packages/core/src/metadata/policy.ts new file mode 100644 index 0000000..f64fd2c --- /dev/null +++ b/packages/core/src/metadata/policy.ts @@ -0,0 +1,20 @@ +import { z } from 'zod' +import { addOperator, addOperatorSchema } from './operator' +import { defaultOperator, defaultOperatorSchema } from './operator' +import { essentialOperator, essentialOperatorSchema } from './operator' +import { oneOfOperator, oneOfOperatorSchema } from './operator' +import { supersetOfOperator, supersetOfOperatorSchema } from './operator' +import { subsetOfOperator, subsetOfOperatorSchema } from './operator' +import { valueOperator, valueOperatorSchema } from './operator' + +export const metadataPolicySchema = z.object({ + [addOperator.key]: addOperatorSchema.optional(), + [defaultOperator.key]: defaultOperatorSchema.optional(), + [essentialOperator.key]: essentialOperatorSchema.optional(), + [oneOfOperator.key]: oneOfOperatorSchema.optional(), + [supersetOfOperator.key]: supersetOfOperatorSchema.optional(), + [subsetOfOperator.key]: subsetOfOperatorSchema.optional(), + [valueOperator.key]: valueOperatorSchema.optional(), +}) + +export type MetadataPolicyOperator = z.input diff --git a/packages/core/src/trustMark/index.ts b/packages/core/src/trustMark/index.ts new file mode 100644 index 0000000..75c96fb --- /dev/null +++ b/packages/core/src/trustMark/index.ts @@ -0,0 +1,3 @@ +export * from './trustMark' +export * from './trustMarkOwner' +export * from './trustMarkIssuer' diff --git a/packages/core/src/trustMark/trustMark.ts b/packages/core/src/trustMark/trustMark.ts new file mode 100644 index 0000000..5303c61 --- /dev/null +++ b/packages/core/src/trustMark/trustMark.ts @@ -0,0 +1,21 @@ +import { type ZodSchema, z } from 'zod' +import { jsonWebTokenSchema } from '../jsonWeb' +import { dateSchema } from '../utils' + +export const trustMarkClaimsSchema = z.object({ + iss: z.string(), + sub: z.string(), + id: z.string(), + iat: dateSchema, + exp: dateSchema.optional(), + ref: z.string().url().optional(), +}) + +export const trustMarkSchema = z.object({ + id: z.string(), + trust_mark: jsonWebTokenSchema({ + claimsSchema: trustMarkClaimsSchema as ZodSchema, + }), +}) + +export type TrustMark = z.input diff --git a/packages/core/src/trustMark/trustMarkIssuer.ts b/packages/core/src/trustMark/trustMarkIssuer.ts new file mode 100644 index 0000000..a21c813 --- /dev/null +++ b/packages/core/src/trustMark/trustMarkIssuer.ts @@ -0,0 +1,5 @@ +import { z } from 'zod' + +export const trustMarkIssuerSchema = z.record(z.string(), z.array(z.string())) + +export type TrustMarkIssuer = z.input diff --git a/packages/core/src/trustMark/trustMarkOwner.ts b/packages/core/src/trustMark/trustMarkOwner.ts new file mode 100644 index 0000000..49a13b8 --- /dev/null +++ b/packages/core/src/trustMark/trustMarkOwner.ts @@ -0,0 +1,12 @@ +import { z } from 'zod' +import { jsonWebKeySetSchema } from '../jsonWeb' + +export const trustMarkOwnerSchema = z.record( + z.string(), + z.object({ + sub: z.string(), + jwks: jsonWebKeySetSchema, + }) +) + +export type TrustMarkOwner = z.input diff --git a/packages/core/src/utils/dateSchema.ts b/packages/core/src/utils/dateSchema.ts new file mode 100644 index 0000000..242ab40 --- /dev/null +++ b/packages/core/src/utils/dateSchema.ts @@ -0,0 +1,3 @@ +import { z } from 'zod' + +export const dateSchema = z.number().refine((date) => new Date(date * 1000)) diff --git a/packages/core/src/utils/index.ts b/packages/core/src/utils/index.ts new file mode 100644 index 0000000..17f57bd --- /dev/null +++ b/packages/core/src/utils/index.ts @@ -0,0 +1 @@ +export * from './dateSchema' diff --git a/packages/openid-federation-policies/tsconfig.json b/packages/core/tsconfig.json similarity index 80% rename from packages/openid-federation-policies/tsconfig.json rename to packages/core/tsconfig.json index 7bb06bc..6dbc485 100644 --- a/packages/openid-federation-policies/tsconfig.json +++ b/packages/core/tsconfig.json @@ -1,7 +1,7 @@ { "extends": "../../tsconfig.json", "compilerOptions": { - "rootDir": "src", + "rootDir": ".", "outDir": "build" } } diff --git a/packages/openid-federation-fetch/__tests__/example.test.ts b/packages/openid-federation-fetch/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-fetch/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-fetch/package.json b/packages/openid-federation-fetch/package.json deleted file mode 100644 index 69eba09..0000000 --- a/packages/openid-federation-fetch/package.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name": "@animo-id/openid-federation-fetch", - "version": "0.1.0", - "description": "The fetch implementation that is being used for the OpenID Federation", - "license": "Apache-2.0", - "main": "src/index.ts", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-fetch/tsconfig.json b/packages/openid-federation-fetch/tsconfig.json deleted file mode 100644 index 7bb06bc..0000000 --- a/packages/openid-federation-fetch/tsconfig.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "extends": "../../tsconfig.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "build" - } -} diff --git a/packages/openid-federation-policies/__tests__/example.test.ts b/packages/openid-federation-policies/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-policies/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-policies/package.json b/packages/openid-federation-policies/package.json deleted file mode 100644 index 41d0750..0000000 --- a/packages/openid-federation-policies/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "@animo-id/openid-federation-policies", - "version": "0.1.0", - "private": true, - "description": "This will contain the common policies for the OpenID Federation", - "main": "src/index.ts", - "license": "Apache-2.0", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-policies/src/index.ts b/packages/openid-federation-policies/src/index.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/openid-federation-registry-policies/__tests__/example.test.ts b/packages/openid-federation-registry-policies/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-registry-policies/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-registry-policies/package.json b/packages/openid-federation-registry-policies/package.json deleted file mode 100644 index 24500b6..0000000 --- a/packages/openid-federation-registry-policies/package.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name": "@animo-id/openid-federation-registry-policies", - "version": "0.1.0", - "description": "This will contain the registry policies for the OpenID Federation", - "main": "src/index.ts", - "license": "Apache-2.0", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-registry-policies/src/index.ts b/packages/openid-federation-registry-policies/src/index.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/openid-federation-registry-policies/tsconfig.json b/packages/openid-federation-registry-policies/tsconfig.json deleted file mode 100644 index 7bb06bc..0000000 --- a/packages/openid-federation-registry-policies/tsconfig.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "extends": "../../tsconfig.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "build" - } -} diff --git a/packages/openid-federation-registry/__tests__/example.test.ts b/packages/openid-federation-registry/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-registry/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-registry/package.json b/packages/openid-federation-registry/package.json deleted file mode 100644 index b3142df..0000000 --- a/packages/openid-federation-registry/package.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name": "@animo-id/openid-federation-registry", - "version": "0.1.0", - "description": "This will contain the registry builder for OpenID Federation", - "main": "src/index.ts", - "license": "Apache-2.0", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-registry/src/index.ts b/packages/openid-federation-registry/src/index.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/openid-federation-registry/tsconfig.json b/packages/openid-federation-registry/tsconfig.json deleted file mode 100644 index 7bb06bc..0000000 --- a/packages/openid-federation-registry/tsconfig.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "extends": "../../tsconfig.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "build" - } -} diff --git a/packages/openid-federation-resolver-policies/__tests__/example.test.ts b/packages/openid-federation-resolver-policies/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-resolver-policies/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-resolver-policies/package.json b/packages/openid-federation-resolver-policies/package.json deleted file mode 100644 index 00e2ca4..0000000 --- a/packages/openid-federation-resolver-policies/package.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name": "@animo-id/openid-federation-resolver-policies", - "version": "0.1.0", - "description": "This will contain the resolver policies for the OpenID Federation", - "main": "src/index.ts", - "license": "Apache-2.0", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-resolver-policies/src/index.ts b/packages/openid-federation-resolver-policies/src/index.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/openid-federation-resolver-policies/tsconfig.json b/packages/openid-federation-resolver-policies/tsconfig.json deleted file mode 100644 index 7bb06bc..0000000 --- a/packages/openid-federation-resolver-policies/tsconfig.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "extends": "../../tsconfig.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "build" - } -} diff --git a/packages/openid-federation-resolver/__tests__/example.test.ts b/packages/openid-federation-resolver/__tests__/example.test.ts deleted file mode 100644 index 80decc0..0000000 --- a/packages/openid-federation-resolver/__tests__/example.test.ts +++ /dev/null @@ -1,8 +0,0 @@ -import assert from 'node:assert' -import { describe, it } from 'node:test' - -describe('example', () => { - it('should be true', () => { - assert.equal(1, 1) - }) -}) diff --git a/packages/openid-federation-resolver/package.json b/packages/openid-federation-resolver/package.json deleted file mode 100644 index fd13a3f..0000000 --- a/packages/openid-federation-resolver/package.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name": "@animo-id/openid-federation-resolver", - "version": "0.1.0", - "description": "This will contain the resolver for the OpenID Federation", - "main": "src/index.ts", - "license": "Apache-2.0", - "scripts": { - "test": "node --import tsx --test **/__tests__/**/*.test.ts" - }, - "keywords": [], - "author": "Animo Solutions", - "devDependencies": { - "typescript": "*", - "@types/node": "*", - "tsx": "*" - } -} diff --git a/packages/openid-federation-resolver/src/index.ts b/packages/openid-federation-resolver/src/index.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/openid-federation-resolver/tsconfig.json b/packages/openid-federation-resolver/tsconfig.json deleted file mode 100644 index 7bb06bc..0000000 --- a/packages/openid-federation-resolver/tsconfig.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "extends": "../../tsconfig.json", - "compilerOptions": { - "rootDir": "src", - "outDir": "build" - } -} diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f8e0dc6..a4d2afe 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -7,7 +7,7 @@ settings: overrides: typescript: ~5.3.2 '@types/node': ^20.11.1 - tsx: ^4.13.1 + ts-node: ^10.9.2 importers: @@ -18,79 +18,23 @@ importers: version: 1.8.0 rimraf: specifier: ^5.0.7 - version: 5.0.7 - tsx: - specifier: ^4.13.1 - version: 4.13.2 + version: 5.0.9 - packages/openid-federation-fetch: - devDependencies: - '@types/node': - specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 - typescript: - specifier: ~5.3.2 - version: 5.3.3 - - packages/openid-federation-policies: - devDependencies: - '@types/node': - specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 - typescript: - specifier: ~5.3.2 - version: 5.3.3 - - packages/openid-federation-registry: - devDependencies: - '@types/node': - specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 - typescript: - specifier: ~5.3.2 - version: 5.3.3 - - packages/openid-federation-registry-policies: - devDependencies: - '@types/node': - specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 - typescript: - specifier: ~5.3.2 - version: 5.3.3 - - packages/openid-federation-resolver: - devDependencies: - '@types/node': - specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 - typescript: - specifier: ~5.3.2 - version: 5.3.3 - - packages/openid-federation-resolver-policies: + packages/core: + dependencies: + buffer: + specifier: ^6.0.3 + version: 6.0.3 + zod: + specifier: ^3.23.8 + version: 3.23.8 devDependencies: '@types/node': specifier: ^20.11.1 - version: 20.14.2 - tsx: - specifier: ^4.13.1 - version: 4.13.2 + version: 20.14.10 + ts-node: + specifier: ^10.9.2 + version: 10.9.2(@types/node@20.14.10)(typescript@5.3.3) typescript: specifier: ~5.3.2 version: 5.3.3 @@ -150,154 +94,51 @@ packages: cpu: [x64] os: [win32] - '@esbuild/aix-ppc64@0.20.2': - resolution: {integrity: sha512-D+EBOJHXdNZcLJRBkhENNG8Wji2kgc9AZ9KiPr1JuZjsNtyHzrsfLRrY0tk2H2aoFu6RANO1y1iPPUCDYWkb5g==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.20.2': - resolution: {integrity: sha512-mRzjLacRtl/tWU0SvD8lUEwb61yP9cqQo6noDZP/O8VkwafSYwZ4yWy24kan8jE/IMERpYncRt2dw438LP3Xmg==} - engines: {node: '>=12'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.20.2': - resolution: {integrity: sha512-t98Ra6pw2VaDhqNWO2Oph2LXbz/EJcnLmKLGBJwEwXX/JAN83Fym1rU8l0JUWK6HkIbWONCSSatf4sf2NBRx/w==} - engines: {node: '>=12'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.20.2': - resolution: {integrity: sha512-btzExgV+/lMGDDa194CcUQm53ncxzeBrWJcncOBxuC6ndBkKxnHdFJn86mCIgTELsooUmwUm9FkhSp5HYu00Rg==} - engines: {node: '>=12'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.20.2': - resolution: {integrity: sha512-4J6IRT+10J3aJH3l1yzEg9y3wkTDgDk7TSDFX+wKFiWjqWp/iCfLIYzGyasx9l0SAFPT1HwSCR+0w/h1ES/MjA==} + '@cspotcode/source-map-support@0.8.1': + resolution: {integrity: sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==} engines: {node: '>=12'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.20.2': - resolution: {integrity: sha512-tBcXp9KNphnNH0dfhv8KYkZhjc+H3XBkF5DKtswJblV7KlT9EI2+jeA8DgBjp908WEuYll6pF+UStUCfEpdysA==} - engines: {node: '>=12'} - cpu: [x64] - os: [darwin] - '@esbuild/freebsd-arm64@0.20.2': - resolution: {integrity: sha512-d3qI41G4SuLiCGCFGUrKsSeTXyWG6yem1KcGZVS+3FYlYhtNoNgYrWcvkOoaqMhwXSMrZRl69ArHsGJ9mYdbbw==} - engines: {node: '>=12'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.20.2': - resolution: {integrity: sha512-d+DipyvHRuqEeM5zDivKV1KuXn9WeRX6vqSqIDgwIfPQtwMP4jaDsQsDncjTDDsExT4lR/91OLjRo8bmC1e+Cw==} - engines: {node: '>=12'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.20.2': - resolution: {integrity: sha512-9pb6rBjGvTFNira2FLIWqDk/uaf42sSyLE8j1rnUpuzsODBq7FvpwHYZxQ/It/8b+QOS1RYfqgGFNLRI+qlq2A==} - engines: {node: '>=12'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.20.2': - resolution: {integrity: sha512-VhLPeR8HTMPccbuWWcEUD1Az68TqaTYyj6nfE4QByZIQEQVWBB8vup8PpR7y1QHL3CpcF6xd5WVBU/+SBEvGTg==} - engines: {node: '>=12'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.20.2': - resolution: {integrity: sha512-o10utieEkNPFDZFQm9CoP7Tvb33UutoJqg3qKf1PWVeeJhJw0Q347PxMvBgVVFgouYLGIhFYG0UGdBumROyiig==} + '@isaacs/cliui@8.0.2': + resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} - cpu: [ia32] - os: [linux] - '@esbuild/linux-loong64@0.20.2': - resolution: {integrity: sha512-PR7sp6R/UC4CFVomVINKJ80pMFlfDfMQMYynX7t1tNTeivQ6XdX5r2XovMmha/VjR1YN/HgHWsVcTRIMkymrgQ==} - engines: {node: '>=12'} - cpu: [loong64] - os: [linux] + '@jridgewell/resolve-uri@3.1.2': + resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} + engines: {node: '>=6.0.0'} - '@esbuild/linux-mips64el@0.20.2': - resolution: {integrity: sha512-4BlTqeutE/KnOiTG5Y6Sb/Hw6hsBOZapOVF6njAESHInhlQAghVVZL1ZpIctBOoTFbQyGW+LsVYZ8lSSB3wkjA==} - engines: {node: '>=12'} - cpu: [mips64el] - os: [linux] + '@jridgewell/sourcemap-codec@1.4.15': + resolution: {integrity: sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==} - '@esbuild/linux-ppc64@0.20.2': - resolution: {integrity: sha512-rD3KsaDprDcfajSKdn25ooz5J5/fWBylaaXkuotBDGnMnDP1Uv5DLAN/45qfnf3JDYyJv/ytGHQaziHUdyzaAg==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.20.2': - resolution: {integrity: sha512-snwmBKacKmwTMmhLlz/3aH1Q9T8v45bKYGE3j26TsaOVtjIag4wLfWSiZykXzXuE1kbCE+zJRmwp+ZbIHinnVg==} - engines: {node: '>=12'} - cpu: [riscv64] - os: [linux] + '@jridgewell/trace-mapping@0.3.9': + resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} - '@esbuild/linux-s390x@0.20.2': - resolution: {integrity: sha512-wcWISOobRWNm3cezm5HOZcYz1sKoHLd8VL1dl309DiixxVFoFe/o8HnwuIwn6sXre88Nwj+VwZUvJf4AFxkyrQ==} - engines: {node: '>=12'} - cpu: [s390x] - os: [linux] + '@pkgjs/parseargs@0.11.0': + resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} + engines: {node: '>=14'} - '@esbuild/linux-x64@0.20.2': - resolution: {integrity: sha512-1MdwI6OOTsfQfek8sLwgyjOXAu+wKhLEoaOLTjbijk6E2WONYpH9ZU2mNtR+lZ2B4uwr+usqGuVfFT9tMtGvGw==} - engines: {node: '>=12'} - cpu: [x64] - os: [linux] + '@tsconfig/node10@1.0.11': + resolution: {integrity: sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==} - '@esbuild/netbsd-x64@0.20.2': - resolution: {integrity: sha512-K8/DhBxcVQkzYc43yJXDSyjlFeHQJBiowJ0uVL6Tor3jGQfSGHNNJcWxNbOI8v5k82prYqzPuwkzHt3J1T1iZQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [netbsd] + '@tsconfig/node12@1.0.11': + resolution: {integrity: sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==} - '@esbuild/openbsd-x64@0.20.2': - resolution: {integrity: sha512-eMpKlV0SThJmmJgiVyN9jTPJ2VBPquf6Kt/nAoo6DgHAoN57K15ZghiHaMvqjCye/uU4X5u3YSMgVBI1h3vKrQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [openbsd] + '@tsconfig/node14@1.0.3': + resolution: {integrity: sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==} - '@esbuild/sunos-x64@0.20.2': - resolution: {integrity: sha512-2UyFtRC6cXLyejf/YEld4Hajo7UHILetzE1vsRcGL3earZEW77JxrFjH4Ez2qaTiEfMgAXxfAZCm1fvM/G/o8w==} - engines: {node: '>=12'} - cpu: [x64] - os: [sunos] + '@tsconfig/node16@1.0.4': + resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} - '@esbuild/win32-arm64@0.20.2': - resolution: {integrity: sha512-GRibxoawM9ZCnDxnP3usoUDO9vUkpAxIIZ6GQI+IlVmr5kP3zUq+l17xELTHMWTWzjxa2guPNyrpq1GWmPvcGQ==} - engines: {node: '>=12'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.20.2': - resolution: {integrity: sha512-HfLOfn9YWmkSKRQqovpnITazdtquEW8/SoHW7pWpuEeguaZI4QnCRW6b+oZTztdBnZOS2hqJ6im/D5cPzBTTlQ==} - engines: {node: '>=12'} - cpu: [ia32] - os: [win32] + '@types/node@20.14.10': + resolution: {integrity: sha512-MdiXf+nDuMvY0gJKxyfZ7/6UFsETO7mGKF54MVD/ekJS6HdFtpZFBgrh6Pseu64XTb2MLyFPlbW6hj8HYRQNOQ==} - '@esbuild/win32-x64@0.20.2': - resolution: {integrity: sha512-N49X4lJX27+l9jbLKSqZ6bKNjzQvHaT8IIFUy+YIqmXQdjYCToGWwOItDrfby14c78aDd5NHQl29xingXfCdLQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [win32] + acorn-walk@8.3.3: + resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} + engines: {node: '>=0.4.0'} - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@types/node@20.14.2': - resolution: {integrity: sha512-xyu6WAMVwv6AKFLB+e/7ySZVr/0zLCzOa7rSpq6jNwpqOrUbcACDWC+53d4n2QHOnDou0fbIsg8wZu/sxrnI4Q==} + acorn@8.12.1: + resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} + engines: {node: '>=0.4.0'} + hasBin: true ansi-regex@5.0.1: resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} @@ -315,12 +156,21 @@ packages: resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} engines: {node: '>=12'} + arg@4.1.3: + resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} + balanced-match@1.0.2: resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} + base64-js@1.5.1: + resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} + brace-expansion@2.0.1: resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} + buffer@6.0.3: + resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==} + color-convert@2.0.1: resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} engines: {node: '>=7.0.0'} @@ -328,10 +178,17 @@ packages: color-name@1.1.4: resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} + create-require@1.1.1: + resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==} + cross-spawn@7.0.3: resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} engines: {node: '>= 8'} + diff@4.0.2: + resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==} + engines: {node: '>=0.3.1'} + eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} @@ -341,28 +198,18 @@ packages: emoji-regex@9.2.2: resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - esbuild@0.20.2: - resolution: {integrity: sha512-WdOOppmUNU+IbZ0PaDiTst80zjnrOkyJNHoKupIcVyU8Lvla3Ugx94VzkQ32Ijqd7UhHJy75gNWDMUekcrSJ6g==} - engines: {node: '>=12'} - hasBin: true - - foreground-child@3.1.1: - resolution: {integrity: sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==} + foreground-child@3.2.1: + resolution: {integrity: sha512-PXUUyLqrR2XCWICfv6ukppP96sdFwWbNEnfEMt7jNsISjMsvaLNinAHNDYyvkyU+SZG2BTSbT5NjG+vZslfGTA==} engines: {node: '>=14'} - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - get-tsconfig@4.7.5: - resolution: {integrity: sha512-ZCuZCnlqNzjb4QprAzXKdpp/gh6KTxSJuw3IBsPnV/7fV4NxC9ckB+vPTt8w7fJA0TaSD7c55BR47JD6MEDyDw==} - - glob@10.4.1: - resolution: {integrity: sha512-2jelhlq3E4ho74ZyVLN03oKdAZVUa6UDZzFLVH1H7dnoax+y9qyaq8zBkfDIggjniU19z0wU18y16jMB2eyVIw==} - engines: {node: '>=16 || 14 >=14.18'} + glob@10.4.4: + resolution: {integrity: sha512-XsOKvHsu38Xe19ZQupE6N/HENeHQBA05o3hV8labZZT2zYDg1+emxWHnc/Bm9AcCMPXfD6jt+QC7zC5JSFyumw==} + engines: {node: 14 >=14.21 || 16 >=16.20 || 18 || 20 || >=22} hasBin: true + ieee754@1.2.1: + resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} + is-fullwidth-code-point@3.0.0: resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} engines: {node: '>=8'} @@ -370,22 +217,28 @@ packages: isexe@2.0.0: resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - jackspeak@3.4.0: - resolution: {integrity: sha512-JVYhQnN59LVPFCEcVa2C3CrEKYacvjRfqIQl+h8oi91aLYQVWRYbxjPcv1bUiUy/kLmQaANrYfNMCO3kuEDHfw==} - engines: {node: '>=14'} + jackspeak@3.4.2: + resolution: {integrity: sha512-qH3nOSj8q/8+Eg8LUPOq3C+6HWkpUioIjDsq1+D4zY91oZvpPttw8GwtF1nReRYKXl+1AORyFqtm2f5Q1SB6/Q==} + engines: {node: 14 >=14.21 || 16 >=16.20 || >=18} - lru-cache@10.2.2: - resolution: {integrity: sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==} - engines: {node: 14 || >=16.14} + lru-cache@10.4.2: + resolution: {integrity: sha512-voV4dDrdVZVNz84n39LFKDaRzfwhdzJ7akpyXfTMxCgRUp07U3lcJUXRlhTKP17rgt09sUzLi5iCitpEAr+6ug==} + engines: {node: 14 || 16 || 18 || 20 || >=22} - minimatch@9.0.4: - resolution: {integrity: sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==} + make-error@1.3.6: + resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} + + minimatch@9.0.5: + resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} engines: {node: '>=16 || 14 >=14.17'} minipass@7.1.2: resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} engines: {node: '>=16 || 14 >=14.17'} + package-json-from-dist@1.0.0: + resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} + path-key@3.1.1: resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} engines: {node: '>=8'} @@ -394,12 +247,9 @@ packages: resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} engines: {node: '>=16 || 14 >=14.18'} - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - rimraf@5.0.7: - resolution: {integrity: sha512-nV6YcJo5wbLW77m+8KjH8aB/7/rxQy9SZ0HY5shnwULfS+9nmTtVXAJET5NdZmCzA4fPI/Hm1wo/Po/4mopOdg==} - engines: {node: '>=14.18'} + rimraf@5.0.9: + resolution: {integrity: sha512-3i7b8OcswU6CpU8Ej89quJD4O98id7TtVM5U4Mybh84zQXdrFmDLouWBEEaD/QfO3gDDfH+AGFCGsR7kngzQnA==} + engines: {node: 14 >=14.20 || 16 >=16.20 || >=18} hasBin: true shebang-command@2.0.0: @@ -430,10 +280,19 @@ packages: resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} engines: {node: '>=12'} - tsx@4.13.2: - resolution: {integrity: sha512-s+WGqChkA77uU8xij1IdO9jQnwJAiWJto0bF5yJLbAZpLtNs82Qa5CwMBxWjJ7QOYU9MzBf4MCNt6lZduwkQ+g==} - engines: {node: '>=18.0.0'} + ts-node@10.9.2: + resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==} hasBin: true + peerDependencies: + '@swc/core': '>=1.2.50' + '@swc/wasm': '>=1.2.50' + '@types/node': ^20.11.1 + typescript: ~5.3.2 + peerDependenciesMeta: + '@swc/core': + optional: true + '@swc/wasm': + optional: true typescript@5.3.3: resolution: {integrity: sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==} @@ -443,6 +302,9 @@ packages: undici-types@5.26.5: resolution: {integrity: sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==} + v8-compile-cache-lib@3.0.1: + resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} + which@2.0.2: resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} engines: {node: '>= 8'} @@ -456,6 +318,13 @@ packages: resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} engines: {node: '>=12'} + yn@3.1.1: + resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==} + engines: {node: '>=6'} + + zod@3.23.8: + resolution: {integrity: sha512-XBx9AXhXktjUqnepgTiE5flcKIYWi/rme0Eaj+5Y0lftuGBq+jyRu/md4WnuxqgP1ubdpNCsYEYPxrzVHD8d6g==} + snapshots: '@biomejs/biome@1.8.0': @@ -493,74 +362,9 @@ snapshots: '@biomejs/cli-win32-x64@1.8.0': optional: true - '@esbuild/aix-ppc64@0.20.2': - optional: true - - '@esbuild/android-arm64@0.20.2': - optional: true - - '@esbuild/android-arm@0.20.2': - optional: true - - '@esbuild/android-x64@0.20.2': - optional: true - - '@esbuild/darwin-arm64@0.20.2': - optional: true - - '@esbuild/darwin-x64@0.20.2': - optional: true - - '@esbuild/freebsd-arm64@0.20.2': - optional: true - - '@esbuild/freebsd-x64@0.20.2': - optional: true - - '@esbuild/linux-arm64@0.20.2': - optional: true - - '@esbuild/linux-arm@0.20.2': - optional: true - - '@esbuild/linux-ia32@0.20.2': - optional: true - - '@esbuild/linux-loong64@0.20.2': - optional: true - - '@esbuild/linux-mips64el@0.20.2': - optional: true - - '@esbuild/linux-ppc64@0.20.2': - optional: true - - '@esbuild/linux-riscv64@0.20.2': - optional: true - - '@esbuild/linux-s390x@0.20.2': - optional: true - - '@esbuild/linux-x64@0.20.2': - optional: true - - '@esbuild/netbsd-x64@0.20.2': - optional: true - - '@esbuild/openbsd-x64@0.20.2': - optional: true - - '@esbuild/sunos-x64@0.20.2': - optional: true - - '@esbuild/win32-arm64@0.20.2': - optional: true - - '@esbuild/win32-ia32@0.20.2': - optional: true - - '@esbuild/win32-x64@0.20.2': - optional: true + '@cspotcode/source-map-support@0.8.1': + dependencies: + '@jridgewell/trace-mapping': 0.3.9 '@isaacs/cliui@8.0.2': dependencies: @@ -571,13 +375,36 @@ snapshots: wrap-ansi: 8.1.0 wrap-ansi-cjs: wrap-ansi@7.0.0 + '@jridgewell/resolve-uri@3.1.2': {} + + '@jridgewell/sourcemap-codec@1.4.15': {} + + '@jridgewell/trace-mapping@0.3.9': + dependencies: + '@jridgewell/resolve-uri': 3.1.2 + '@jridgewell/sourcemap-codec': 1.4.15 + '@pkgjs/parseargs@0.11.0': optional: true - '@types/node@20.14.2': + '@tsconfig/node10@1.0.11': {} + + '@tsconfig/node12@1.0.11': {} + + '@tsconfig/node14@1.0.3': {} + + '@tsconfig/node16@1.0.4': {} + + '@types/node@20.14.10': dependencies: undici-types: 5.26.5 + acorn-walk@8.3.3: + dependencies: + acorn: 8.12.1 + + acorn@8.12.1: {} + ansi-regex@5.0.1: {} ansi-regex@6.0.1: {} @@ -588,106 +415,91 @@ snapshots: ansi-styles@6.2.1: {} + arg@4.1.3: {} + balanced-match@1.0.2: {} + base64-js@1.5.1: {} + brace-expansion@2.0.1: dependencies: balanced-match: 1.0.2 + buffer@6.0.3: + dependencies: + base64-js: 1.5.1 + ieee754: 1.2.1 + color-convert@2.0.1: dependencies: color-name: 1.1.4 color-name@1.1.4: {} + create-require@1.1.1: {} + cross-spawn@7.0.3: dependencies: path-key: 3.1.1 shebang-command: 2.0.0 which: 2.0.2 + diff@4.0.2: {} + eastasianwidth@0.2.0: {} emoji-regex@8.0.0: {} emoji-regex@9.2.2: {} - esbuild@0.20.2: - optionalDependencies: - '@esbuild/aix-ppc64': 0.20.2 - '@esbuild/android-arm': 0.20.2 - '@esbuild/android-arm64': 0.20.2 - '@esbuild/android-x64': 0.20.2 - '@esbuild/darwin-arm64': 0.20.2 - '@esbuild/darwin-x64': 0.20.2 - '@esbuild/freebsd-arm64': 0.20.2 - '@esbuild/freebsd-x64': 0.20.2 - '@esbuild/linux-arm': 0.20.2 - '@esbuild/linux-arm64': 0.20.2 - '@esbuild/linux-ia32': 0.20.2 - '@esbuild/linux-loong64': 0.20.2 - '@esbuild/linux-mips64el': 0.20.2 - '@esbuild/linux-ppc64': 0.20.2 - '@esbuild/linux-riscv64': 0.20.2 - '@esbuild/linux-s390x': 0.20.2 - '@esbuild/linux-x64': 0.20.2 - '@esbuild/netbsd-x64': 0.20.2 - '@esbuild/openbsd-x64': 0.20.2 - '@esbuild/sunos-x64': 0.20.2 - '@esbuild/win32-arm64': 0.20.2 - '@esbuild/win32-ia32': 0.20.2 - '@esbuild/win32-x64': 0.20.2 - - foreground-child@3.1.1: + foreground-child@3.2.1: dependencies: cross-spawn: 7.0.3 signal-exit: 4.1.0 - fsevents@2.3.3: - optional: true - - get-tsconfig@4.7.5: - dependencies: - resolve-pkg-maps: 1.0.0 - - glob@10.4.1: + glob@10.4.4: dependencies: - foreground-child: 3.1.1 - jackspeak: 3.4.0 - minimatch: 9.0.4 + foreground-child: 3.2.1 + jackspeak: 3.4.2 + minimatch: 9.0.5 minipass: 7.1.2 + package-json-from-dist: 1.0.0 path-scurry: 1.11.1 + ieee754@1.2.1: {} + is-fullwidth-code-point@3.0.0: {} isexe@2.0.0: {} - jackspeak@3.4.0: + jackspeak@3.4.2: dependencies: '@isaacs/cliui': 8.0.2 optionalDependencies: '@pkgjs/parseargs': 0.11.0 - lru-cache@10.2.2: {} + lru-cache@10.4.2: {} + + make-error@1.3.6: {} - minimatch@9.0.4: + minimatch@9.0.5: dependencies: brace-expansion: 2.0.1 minipass@7.1.2: {} + package-json-from-dist@1.0.0: {} + path-key@3.1.1: {} path-scurry@1.11.1: dependencies: - lru-cache: 10.2.2 + lru-cache: 10.4.2 minipass: 7.1.2 - resolve-pkg-maps@1.0.0: {} - - rimraf@5.0.7: + rimraf@5.0.9: dependencies: - glob: 10.4.1 + glob: 10.4.4 shebang-command@2.0.0: dependencies: @@ -717,17 +529,30 @@ snapshots: dependencies: ansi-regex: 6.0.1 - tsx@4.13.2: + ts-node@10.9.2(@types/node@20.14.10)(typescript@5.3.3): dependencies: - esbuild: 0.20.2 - get-tsconfig: 4.7.5 - optionalDependencies: - fsevents: 2.3.3 + '@cspotcode/source-map-support': 0.8.1 + '@tsconfig/node10': 1.0.11 + '@tsconfig/node12': 1.0.11 + '@tsconfig/node14': 1.0.3 + '@tsconfig/node16': 1.0.4 + '@types/node': 20.14.10 + acorn: 8.12.1 + acorn-walk: 8.3.3 + arg: 4.1.3 + create-require: 1.1.1 + diff: 4.0.2 + make-error: 1.3.6 + typescript: 5.3.3 + v8-compile-cache-lib: 3.0.1 + yn: 3.1.1 typescript@5.3.3: {} undici-types@5.26.5: {} + v8-compile-cache-lib@3.0.1: {} + which@2.0.2: dependencies: isexe: 2.0.0 @@ -743,3 +568,7 @@ snapshots: ansi-styles: 6.2.1 string-width: 5.1.2 strip-ansi: 7.1.0 + + yn@3.1.1: {} + + zod@3.23.8: {} diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index 4340350..18ec407 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -1,2 +1,2 @@ packages: - - 'packages/*' \ No newline at end of file + - 'packages/*'